Consultant, Information Security
About The Position
We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients. At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute. You’ll be joining the Security Engineering team in building robust information security technology that keeps the bank safe. As an Information Security Consultant, you’ll be focused on implementing and testing technology for workload credential management. You’ll help onboard applications to a central secrets management platform. You will provide guidance and recommendations to development and operations teams on the secure usage of this service. You will also support the development and maintenance of automated testing tools for the secrets management service. This role is an excellent opportunity to join a world class team within a great organization and assist with meeting a large enterprise growing Information Security needs. At CIBC we enable the work environment most optimal for you to thrive in your role. Details on your work arrangement (proportion of on-site and remote work) will be discussed at the time of your interview.
Requirements
- Experience in secrets management.
- Strong conceptual understanding of identity and access management, authentication and authorization, and workload identity.
- Worked with Hashicorp Vault.
- Experience writing automation workflows using GitHub Actions, Azure DevOps, and Ansible.
- Experience with Azure and Kubernetes applications.
- Experience in quality assurance.
- Understand the principals of test case design, and write workflows that execute those test cases.
- Degree/diploma in Computer Science, Engineering or related field.
Nice To Haves
- CISSP, CISA or CISM designations.
Responsibilities
- Integrate new test cases into the existing automated testing pipeline.
- Coordinate the build of new testing infrastructure to support new secret management integrations.
- Constantly evaluate our testing strategy and coverage to suggest improvements to the framework.
- Provide guidance to development teams for onboarding their applications to the enterprise secrets management service.
- Write configuration-as-code for Hashicorp Vault.
- Review secrets management solutions to ensure they are using best-practice techniques and following the principals of least privilege.
- Assist with technology platform maintenance activities including version upgrades, reporting improvements, and metrics analysis.
- Write new automated utilities to solve operational and security problems.
- Test, coordinate, and promote new releases of configuration code and configuration tooling.
Benefits
- competitive salary
- incentive pay
- banking benefits
- a benefits program
- defined benefit pension plan
- an employee share purchase plan
- a vacation offering
- wellbeing support
- MomentMakers, our social, points-based recognition program
- Purpose Day; a paid day off dedicated for you to use to invest in your growth and development
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
Associate degree
