We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.
At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.
To learn more about CIBC, please visit CIBC.com
The US Chief Administration Office and Technology, Data, and AI (US CAO + TDAI) business is at the forefront of innovation and operational excellence, encompassing Technology, Information Security, Deposit Operations, Loan Operations, Payment Operations, Data Management Office, Corporate Real Estate, Corporate Security, Procurement, Operational Resilience, and Governance & Oversight. Our mission is to drive transformation and enable growth by delivering world-class technology and operational solutions that support the bank’s strategic objectives.
The Governance and Oversight (G&O) team within CAO + TDAI operates as a First Line team in the Three Lines of Defense model, enabling risk discipline, business resiliency, and value creation while strengthening the CIBC Risk Management Framework.
What you'll be doing
We are seeking an accomplished leader with a strong background in Technology and Cybersecurity to join our Governance and Oversight (G&O) team as Director, Risk Advisory for US Information Security, Technology, Data & AI (IS / TDAI). This role is pivotal in shaping and executing governance, risk, and control frameworks that underpin operational resilience and regulatory compliance in a dynamic, rapidly evolving environment. While expertise in risk management is essential, we are prioritizing candidates with deep experience in technology and cybersecurity, who can bring thought leadership and technical acumen to the forefront of our risk agenda.
You will deliver proactive, advice-based risk management services to enable informed decision-making and foster a culture of risk awareness. By anticipating emerging risks, interpreting regulatory developments, and aligning controls with organizational objectives, you will ensure that risks are identified early, effectively managed, and communicated with clarity. Your leadership will empower teams to address challenges before they arise, implement best-in-class controls, and drive continuous improvement across the control environment.
How you’ll success
Technology & Cybersecurity Leadership: Lead the development, implementation, and continuous improvement of technology and cybersecurity governance, risk, and control frameworks. Leverage deep technical expertise to identify, assess, and mitigate emerging technology and cyber risks, ensuring robust operational resilience and regulatory compliance.
Risk Subject Matter Expert: Demonstrate a strong understanding of control frameworks, regulations, management control environments, audit, corporate policies and standards, business processes, and new industry-level guidance. Translate risk program requirements into process, risk, cause and control. Act as the risk and controls Subject Matter Expert (SME), providing expert advice to business partners, while identifying efficiency opportunities within existing processes. Maintain a forward-looking view of the control environment, staying informed on regulatory changes, emerging risks, and industry best practices.
Team Leadership: Inspire, lead, and develop a high-performing, diverse team of risk and technology professionals. Foster an inclusive culture of innovation, accountability, and continuous improvement, empowering team members to excel and drive collective success.
Risk Advisory & Thought Leadership: Serve as a trusted advisor to provide expert guidance on risk management, control design, and compliance, with a focus on technology, data and cybersecurity domains. Advance organizational risk maturity through innovative solutions, automation, and AI-driven enhancements.
Risk Assessment & Issue Management: Partner with business and technology leaders to conduct comprehensive risk assessments, identify control gaps, and develop actionable mitigation strategies. Oversee incident response, root cause analysis, and sustainability testing.
Regulatory & Exam Management: Lead the preparation for and management of regulatory exams, internal audits, and industry assessments. Ensure timely resolution of findings and implementation of corrective actions, drawing on deep knowledge of US and global regulatory requirements.
Continuous Improvement: Champion continuous improvement initiatives, leveraging emerging technologies and industry best practices to enhance the efficiency, effectiveness, and sustainability of the control environment.
Collaboration & Partnership: Establish and maintain a strong operating/engagement model across all three lines of defense. Collaborate to maintain a robust control framework and foster a culture of sustainable continuous improvement and innovation. Build trust and credibility with stakeholders by demonstrating expertise, authenticity, and a collaborative approach. Build and maintain strong executive relationships, including direct exposure to senior leaders.
Communication: Deliver insights and recommendations tailored to diverse audiences, including senior leadership, regulators, and external stakeholders. Translate complex data and findings into clear, actionable insights.
Special Projects: Participate in and lead special projects that advance the broader CAO + TDAI risk and control agenda.
Who you are
You are an experienced risk leader with a minimum of 12 years of progressive experience in technology, cybersecurity, risk management or controls implementation within a large, complex financial institution (GSIB experience preferred). You have a proven track record of developing, leading, and executing GRC strategies in a technology-driven environment.
You are a regulatory and industry expert with deep knowledge of US and global regulatory requirements and industry standards (FFIEC, GLBA, NYDFS, NIST, COBIT, ISO). You have experience managing regulatory exams, audits, and industry assessments, and hold relevant certifications such as CISA, CRISC, CISSP, or CISM.
You are a caring and accountable leader who is passionate about developing and coaching others to bring out their best. You have demonstrated experience leading diverse, high-performing teams and driving collective success through collaboration and inclusion.
You are a strategic and analytical thinker who sees the big picture, anticipates future trends, and develops long-term plans that align with organizational goals. You excel at analyzing complex situations, identifying opportunities and risks, and making informed decisions that drive sustainable success.
You are data-driven and a strong communicator who interprets and analyzes complex data, communicating detailed information in a meaningful way. You leverage data analysis and visualization to provide insights and recommendations to diverse audiences.
You are a champion of change who continuously evolves your thinking and working methods to deliver optimal results. You are flexible and able to pivot easily in response to shifting priorities.
You are a collaborative relationship builder who thrives in a team environment, leveraging the power of collaboration to achieve shared goals. You excel at building constructive and collaborative relationships, inspiring outcomes, and fostering trust through respect and authenticity.
You are detail-oriented and notice things that others don't, using critical thinking skills to inform decision-making and ensure the integrity of risk and control processes.
Values matter to you. You bring your real self to work, and you live our values - trust, teamwork, and accountability
California residents — your privacy rights regarding your actual or prospective employment
At CIBC, we offer a competitive total rewards package. This role has an expected salary range of $165,000- $220,000 for the market based on experience, qualifications, and location of the position (salary range varies based on the location which will be discussed at the time of the interview). The successful candidate may be eligible to participate in the relevant business unit’s incentive compensation plan, which may also include a discretionary bonus component. CIBC offers a full range of benefits and programs to meet our employee’s needs; including Medical, Dental, Vision, Health Savings Account, Life Insurance, Disability, and Other Insurance Plans, Paid Time Off (including Sick Leave, Parental Leave and Vacation), Holidays and 401(k), in addition to other special perks reserved for our team members.
*This job is not eligible for employment sponsorship*
What CIBC Offers
At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.
We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.
Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.
We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.
*Subject to plan and program terms and conditions
What you need to know
CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com
You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit.
We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us.