Senior Information Security Consultant, Preparedness

CIBC•Toronto, ON

1d•Hybrid

About The Position

You will be joining a highly regarded Offensive Security & Preparedness team and build something incredible within Cyber Security. You will continue building an emerging Cyber Threat Exposure Preparedness and Cyber Range programs within the bank and help our partner lines of business achieve real security effectiveness. As a Preparedness specialist you will be working closely with your Offensive Security team members as well as partners in Cyber Threat Exposure Management, Cyber Security Operations as well as threat intelligence, and many other lines of business to develop and deliver preparedness exercises from a variety inputs. In collaboration with your team, you will plan, execute and recommend improvements to CIBC’s overall security and control environments for high risk applications and services. At CIBC we enable the work environment most optimal for you to thrive in your role. You’ll have the flexibility to manage your work activities within a hybrid work arrangement where you’ll spend 1-3 days per week on-site, while other days will be remote.

Requirements

At least 2-3 years of overall Cyber Security and controls experience.
5 years of consulting and program experience within a security operation or analysis function, and an understanding of how to leverage it for enterprise defense.
Ability to explain the importance and benefits of good security practices.
Ability to consult with a wide variety of roles and lines of business across the bank.
Ability to interact and experiment with a wide range of security technologies.
Ability to explain how security technologies can be used to detect and stop threats.
Ability to propose, plan and coordinate preparedness exercises.
Ability to own and manage the tabletop exercise function from beginning to end.
Ability to interface and collaborate with internal and external teams.
Ability to propose and consult on needed remediations.
Ability to drive continuous improvement.
Analytical Thinking
Collaborating
Cybersecurity
Information Security
Microsoft Office
Risk Management
Security Operations

Nice To Haves

Familiarity with Advanced Persistent Threat (APT) activity
Hold either a CISSP or CEH certification
Familiarity with Qualys EASM, Microsoft's Security Exposure Management, and/or SafeBreach or similar BAS/CART tools.

Responsibilities

Improve and mature the cyber preparedness exercises and cyber range program within the bank.
Explain the importance and benefits of good security practices and consult with a wide variety of roles and lines of business across the bank.
Interact and experiment with a wide range of security technologies – both currently in use and in investigation at CIBC – to understand and describe how they can be used to detect and stop threats.
Coordinate with the security assessment, response and intelligence teams to propose, plan and coordinate preparedness exercises.
Own and manage the tabletop exercise function from beginning to end (exercise planning and delivery – recommendation generation – socialization with responsible teams – remediation handoff).
Practice and improve CIBC's response to real world threats.
Propose and consult on needed remediations.
Drive continuous improvement by engaging security teams from red teaming, incident response, threat hunting, and many other lines of business with table top exercises and other assessment activities.

Benefits

Competitive salary
Incentive pay
Banking benefits
Benefits program
Defined benefit pension plan
Employee share purchase plan
Vacation offering
Wellbeing support
MomentMakers, our social, points-based recognition program
Purpose Day; a paid day off dedicated for you to use to invest in your growth and development