Information Security Metrics and Reporting Analyst

About The Position

Requirements

• Bachelor’s degree in Data Science, Computer Science, Business Analytics, or a related field.
• 2+ years of experience in data analysis, reporting, or business intelligence, preferably within financial services
• Proficiency in data visualization tools (e.g., Tableau, Power BI), SQL, Excel, and Python.
• Strong analytical, problem-solving, and critical thinking skills.
• Excellent written and verbal communication skills, with the ability to translate complex data into actionable insights for executive audiences.
• Demonstrate ability to manage ambiguity, independently manage multiple priorities and projects in a fast-paced environment.
• Customer focused, with action orientation
• Strong attention to detail, organization skills, and a commitment to continuous improvement.
• You know that details matter. You notice and question things that others don’t. Your critical thinking skills help to inform your decision-making.
• You are a curious learner, staying current on industry trends. You challenge the status quo and have a passion for continuous improvement.
• You’re goal-oriented. You’re motivated by accomplishing individual and team based goals and consistently delivering your best to make a difference.
• You have a passion for excellence, holding yourself accountable.

Nice To Haves

• Masters degree is a plus
• Experience with GRC platforms (e.g. MetricStream,OneTrust, Archer) is a plus
• Experience with control frameworks (e.g. NIST CSF) is a plus

Responsibilities

• Metrics Reporting and Analysis: Understand data and visualize for stakeholder consumption
• Aggregate CSO level reporting for packaging
• Apply base reporting template to legal entities and functional group reporting
• Support the creation, maintenance, and enhancement of dashboards across multiple legal entities, including direct ownership of select BAU dashboards.
• Support creation of materials for various reporting committees and forums and address associated follow up requirements
• Coordinate reporting reviews and approvals
• Create and maintain reporting documentation, ensuring appropriate retention
• Metrics Development and Projects: Collaborate with Enterprise and US service owners to identify, test, and implement new metrics; modify existing metrics as needed.
• Contribute to mandatory and enterprise projects such as RAS/KRI refresh, non-RAS metrics refresh, US and Enterprise Data Strategy initiatives.
• Map metrics to domains, controls, and threats to ensure comprehensive coverage and continuous improvement.
• AI and Automation: Support the management of the US Information Security AI and Automation inventory and roadmap.
• Build out use cases and automate reporting processes where feasible.
• Collaborate with stakeholders to document requirements and direct and prioritize automation efforts.
• Projects Participate in enterprise, US region or department initiatives
• General Assist US Information Security service owners in presenting metrics to stakeholders in a clear and impactful manner.
• Perform controls as assigned control performer
• Implement continuous improvement areas
• Create and maintain procedural documentation
• Complete ad hoc research and reporting requests
• Work closely with US CSO organization, Data Governance, AI Governance, 1B, 2LOD and Enterprise, as required.
• Support summer internship activities

Benefits

• CIBC offers a full range of benefits and programs to meet our employee’s needs; including Medical, Dental, Vision, Health Savings Account, Life Insurance, Disability, and Other Insurance Plans, Paid Time Off (including Sick Leave, Parental Leave and Vacation), Holidays and 401(k), in addition to other special perks reserved for our team members.