Consultant, Information Security

CIBC•Toronto, ON

4d•Hybrid

About The Position

We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients. At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute. You’ll be joining CIBC’s Information Security - Privileged Access Management (PAM). You’ll be on the front lines of building the future of information security at CIBC. As an Information Security Consultant, you’ll assess projects for security risks and present recommendations that allow the business to secure privileged IDs using enterprise vault capabilities. You’ll provide insight and support to our enterprise vault that safeguards our clients, enhance risk management, and enable our success. At CIBC, we enable the work environment most optimal for you to thrive in your role so you'll have the flexibility to manage your work activities within a hybrid work arrangement where you'll spend 1-3 days per week on-site, while other days will be remote.

Requirements

Experience in Information Security, Threat-risk assessments, Vulnerability Management Lifecycle, and application currency initiatives.
Troubleshooting complex CyberArk issues and communicating a path to resolution.
PAM Engineering or Level 2 Operations CyberArk intermediate experience.
Familiarity of cybersecurity trends and risks on IAM and PAM.
Strong knowledge of a broad set of technology solutions with focus on CyberArk, Identity and Access Management (IAM), Privileged Access Management (PAM), Windows, Unix, Linux, Mainframe, Active Directory, Azure Active Directory, CyberArk, SailPoint and a background in application support.
Being able to work with REST API, understanding how to integrate technologies leveraging REST API and automating manual workflows.
Passionate about people. Find meaning in relationships, and surround yourself with diverse network of partners.
Build trust through respect and authenticity.
Digitally savvy. Seek out innovative solutions and embrace evolving technologies. Can easily adapt to new tools and trends.
Influence makes an impact. Know that peer relationship and networking are essential to success. Inspire outcomes by making yourself heard.
Give meaning to data. Enjoy investigating complex problems and making sense of information. Confident in ability to communicate detailed information in an impactful way.
Values matter. Bring your real self to work and live our values - trust, teamwork, and accountability.
Be legally eligible to work at the location(s) specified and, where applicable, have a valid work or study permit.

Nice To Haves

Familiarity with enterprise change management processes.
Cloud Computing technologies.
Exposure to Agile Development processes.
Code promotion processes.
CISSP certification.
Intermediate documentation experience in O365 and Jira/Confluence.
History as a developer with experience in various coding languages such as Python and Powershell.
An attribute-based assessment and other skills test (such as simulation, coding, French proficiency) may be required.

Responsibilities

Design PAM processes and strategies to securely manage the privileged ID lifecycle.
Implement, configure, deploy, & support PAM solutions.
Support and troubleshoot enduser issues, document trends, facilitate technical meetings, and identify rootcause.
Provide PAM subject matter expertise for business and technical project teams.
Coach and serve as a technical escalation resource to team members on all PAM related technical issues.
Execute cloud vision by providing technical expertise/guidance in cloud technologies.
Rotate on-call coverage with the rest of the team.
Prepare and conduct assessments for both planned initiatives and unplanned instances.
Perform clear and thorough threat and vulnerability scans of internal and external devices.
Use knowledge of processes, tools, techniques, and practices for assuring consistency to standards associated with accessing, altering, and protecting organizational data.
Collaborate with projects and other technology or business partners to create and execute privileged access management for new & existing infrastructure, aligning with Identity & Access Management (IAM) initiatives and related policies, standards, and procedures to help enhance our information security posture.
Assist other teams in investigation of potential security incidents and provide recommendations to remediate.
Examine and interpret requirement documents and architecture diagrams.
Collaborate with senior leaders and make informed, risk-based recommendations to enhance information system security.
Weigh business needs against security concerns to help guide the business to make practical and informed risk choices.
Recommend solutions to enhance processes, eliminate risks, and improve the speed and quality of key services to our partners.
Apply appropriate tools to perform problem determination and root cause analysis; identify bottlenecks, redundancies and vulnerabilities of existing processes as they relate to identity and access management.
Conduct gap analysis of existing process/procedures, development/maintenance of clear training/work level instruction documentation, review and update of controls and supporting documentation, coordinate and maintain currency of all knowledge related to the Lifecycle of Privileged Access Management.

Benefits

Competitive salary
Incentive pay
Banking benefits
Benefits program
Defined benefit pension plan
Employee share purchase plan
Vacation offering
Wellbeing support
MomentMakers, our social, points-based recognition program
Purpose Day; a paid day off dedicated for you to use to invest in your growth and development