Sr. Information Security Consultant, Threat Validation

We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.

At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.

To learn more about CIBC, please visit CIBC.com

This position can be primarily located in either Toronto (hybrid), Ottawa (hybrid), Vancouver (hybrid), or Charlotte, NC (remote), depending on the successful candidate

What you’ll be doing

As a Sr. Consultant, Information Security, you will join a highly regarded Offensive Security team and build something incredible within Cyber Security, Third-Party, and Resilience (CTPR). You will design, build, and operate an emerging Attack & Control Validation Program within the bank, publish the novel processes and findings for your peers in information security, and help our partner lines of business achieve real security effectiveness. You will work with our Offensive Security, Advanced Threat Detection, Detection Engineering, and Exposure Management teams, among others, to validate and improve the effectiveness of our detections and controls through automated cyber attack scenarios.

At CIBC, we enable an optimal work environment for you to thrive. You’ll have the flexibility to manage your activities within a hybrid work arrangement, spending 1-3 days per week on-site and other days remotely.

How you’ll succeed

• Consulting – Focus on designing and building a program from scratch. Your ability to explain the importance of good security validation practices and consult across various roles and lines of business will help improve our security posture. You will experiment with security technologies, understand their use in threat detection, and build business cases for their adoption.

• Coordination – Coordinate build activities with risk, technology, and identity teams. When operational, coordinate validation scenarios with detection engineering, threat detection, and governance teams to assess detection efficacy and respond to audits or regulatory requests. Provide insights for exposure management and remediation prioritization.

• Cyber Attack & Validation – Experience in building or operating testing programs, familiar with cybersecurity testing techniques and software. Design scenarios to validate controls and identify gaps, helping prioritize improvements aligned with CIBC’s security priorities.

Who you are

• Experience in driving security improvements within organizations and across business lines. 3-4 years of cyber security and controls experience. 3+ years in product or program design/operation within security functions. Familiarity with APT activity and holding certifications like CISSP, CEH, OSCP, or OPST is a plus.

• Data-driven – Enjoy investigating complex scenarios, making sense of information, and communicating impactful insights.

• Ownership mindset – Thrive when empowered to lead, go above and beyond, and deliver results. Work well in a multi-disciplinary, matrix environment.

• Change champion – Continuously evolve your thinking and work methods to deliver your best.

• Detail-oriented – Notice nuances others might miss. Use critical thinking to inform decisions and explain their significance.

• Forward-looking – Make decisions that benefit today and tomorrow. Seek new opportunities to innovate.

• Values-driven – Bring your authentic self to work, living our values of trust, teamwork, and accountability.

**Prior to starting, security checks including a criminal record check must be successfully completed to the satisfaction of CIBC. An annual check may also be required.**

#LI-TA

What CIBC Offers

We prioritize your goals, starting with your strengths and ambitions. We offer opportunities to grow your potential, including a competitive salary, incentive pay, banking benefits, a comprehensive benefits program*, a defined benefit pension plan*, an employee share purchase plan, generous vacation, wellbeing support, and MomentMakers, our recognition program.

Our spaces and tools foster collaboration to create innovative solutions for our clients.

We support your ambition through initiatives like Purpose Day—paid time off dedicated to your growth and development.

*Subject to plan and program terms and conditions

What you need to know

• CIBC is committed to inclusion. If you need accommodations, contact Mailbox.careers-carrieres@cibc.com

• You must be legally eligible to work at the specified locations and possess valid work or study permits where applicable.

• We may ask you to complete assessments and skills tests to learn more about your capabilities and share more about us.

Job Location

Toronto-81 Bay, 19th Floor

Employment Type

Regular

Weekly Hours

37.5

Skills

Cybersecurity, Security Operations, Security Technologies, Security Testing, Threat Detection