Manager, Cybersecurity & Technology Control Assessment Job at CIBC US in Chicago

Overview Manager, Cybersecurity & Technology Control Assessment at CIBC US. This role conducts control testing, provides assessment, consulting, and reporting on operational risk and controls involving people, technology, processes or external events arising from audit and control testing. The position supports development of cybersecurity control testing programs to align with governance and regulatory requirements and maintains awareness of regulatory changes. To learn more about CIBC, please visit CIBC.com. What You’ll Be Doing Independently conduct control testing and provide assessment, consulting, and reporting on operational risk and controls related to people, technology, processes, or external events. Understand and apply qualitative and quantitative components of the Risk Appetite Statements. Escalate matters through appropriate channels (HR, management, Ethics Hotline, Whistleblower, etc.) if activities contradict CIBC policies, frameworks, guidelines, processes or controls. Collaborate with Sr. Managers and/or Program Director of the US TI&I Control Assessment Program on cybersecurity and IT control design and operating effectiveness testing. Assist in developing a cybersecurity control testing program to align with Governance and Regulatory bodies; monitor regulatory changes and create strategies to implement changes within US TI&I. Engage in development of risk management processes and provide proactive advisory services to technology and cybersecurity teams. Details on work arrangement (proportion of on-site and remote work) will be discussed at the time of your interview. How You’ll Succeed Risk Management – Leverage technology and cybersecurity risk management expertise to maintain an acceptable risk posture aligned with industry peers, regulatory requirements, and CIBC’s risk appetite. Understand Requirements – Analyze processes and functional requirements to guide internal stakeholders and ensure work packages are well defined. Time and Project Management – Manage timelines, communicate with managers and internal clients, and provide estimated time to completion while avoiding last-minute pressure. Internal Client Engagement – Meet with internal clients to understand priorities and advise on technology and cybersecurity risk management solutions; support remediation of known issues. Communication – Demonstrate strong verbal and written communication with internal and external teams. Relationship Management – Build trusted advisory relationships across risk management, internal audit, Enterprise counterparts, and control assessment teams. Collaboration – Engage cross-functionally across all lines of defense to ensure inclusive, constructive collaboration. Who You Are Degree/diploma in accounting, cybersecurity, technology, finance or related field; 5–7 years of experience in technology or cybersecurity testing/audit/risk management/consulting; professional certifications in Technology Risk, Cybersecurity Risk and audit-related certifications (e.g., CISA, CISSP, CISM, CRISC). Experience conducting or managing internal and external audits, knowledge of audit methodologies and standards (IIA, ISACA). Familiarity with new technologies such as RPA and AI to enhance control testing. Experience designing and executing control testing plans with both manual and automated testing; ability to depict processes from current to future state to identify risks and controls. Proven ability to influence across cross-functional teams without direct authority. Customer-first mindset; ability to meet critical deadlines without adding unnecessary steps or burden to internal clients. Change champion with flexibility to adapt; able to generate ideas and lead cross-functional teams to completion. Strong communication and problem-solving skills; ability to engage with senior leaders. Ability to analyze data, understand data sources, and meaningfully interpret information, including unstructured data; ability to work with data extracts from source systems. California residents — your privacy rights regarding your actual or prospective employment. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com. What You Need To Know Legal eligibility to work in specified locations; where applicable, valid work or study permit. May be asked to complete attribute-based assessments and other skills tests as part of the application process. What CIBC Offers Competitive salary, incentive pay, comprehensive benefits, and a rewards program; including medical, dental, vision, 401(k) and paid time off. Opportunities for growth and development; inclusive environment with resources to support your goals. Other program terms and conditions apply. Job Details Job Location: IL-Illinois - Virtual Employment Type: Regular Weekly Hours: 40 Skills: Analytical Thinking, Control Frameworks, Decision Making, Group Problem Solving, Operational Risk Management, Risk Analytics, Risk Assessments, Risk Governance Seniority level: Mid-Senior level Employment type: Full-time Job function: Engineering and Information Technology #J-18808-Ljbffr