Sr. Information Security Consultant, Threat Validation

We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients.

At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute.

To learn more about CIBC, please visit CIBC.com

This position can be primarily located in either Toronto (hybrid), Ottawa (hybrid), Vancouver (hybrid), or Charlotte, NC (remote), depending on the successful candidate.

As a Sr. Consultant, Information Security, you will join a highly regarded Offensive Security team and build something incredible within Cyber Security, Third-Party and Resilience (CTPR). You will design, build, and operate an emerging Attack & Control Validation Program within the bank, publish the novel processes and findings for your peers in information security, and help our partner lines of business achieve real security effectiveness. You will work with our Offensive Security, Advanced Threat Detection, Detection Engineering, and Exposure Management teams, among others, to validate and improve the effectiveness of our detections and controls through automated cyber attack scenarios.

At CIBC, we enable an optimal work environment for you to thrive. You’ll have the flexibility to manage your work activities within a hybrid work arrangement, spending 1-3 days per week on-site, with other days remote.

• Consulting: Your activities will focus on designing and building a program from the ground up. Your ability to explain the importance and benefits of security validation practices and consult across various roles and lines of business will help improve our security posture. You will experiment with various security technologies, understand their use in threat detection, and build business cases for onboarding these tools effectively.
• Coordination: You will coordinate build activities with risk, technology, and identity organizations within the bank. When operational, you will coordinate validation scenarios with detection engineering, threat detection, and governance teams to assess detection efficacy and respond to audits or regulatory requests. You will also provide insights into attack paths and techniques to help prioritize remediation efforts.
• Cyber Attack & Validation: You have experience in building or operating testing programs and are familiar with cybersecurity testing techniques and software. You can design scenarios to validate controls and identify gaps, helping prioritize improvements aligned with CIBC’s security priorities.

• Experience: You have 3-4 years of cybersecurity and controls experience, with 3+ years in product or program design/operation within security functions. Familiarity with APT activity and certifications like CISSP, CEH, OSCP, or OPST is a plus.
• Analytical: You enjoy investigating complex scenarios and making sense of information, communicating findings effectively.
• Ownership: You thrive when empowered to lead, go above and beyond, and work in a multi-disciplinary, matrix organization.
• Adaptability: You embrace change, continuously evolving your thinking and work methods.
• Attention to Detail: Your critical thinking helps you notice nuances others might miss, informing decision-making.
• Forward-Thinking: You make decisions that benefit both the present and future, proactively seeking new opportunities.
• Values: You bring your authentic self to work and embody trust, teamwork, and accountability.

Note: Prior to starting, security checks, including a criminal record check, must be successfully completed. An annual check may also be required.

#LI-TA

We prioritize your goals, starting with your strengths and ambitions. We offer opportunities for growth and a range of benefits, including a competitive salary, incentive pay, banking benefits, a comprehensive benefits program, a defined benefit pension plan, an employee share purchase plan, vacation time, wellbeing support, and MomentMakers recognition program.

Our spaces and tools foster collaboration and innovation, enabling you to make a difference for our clients.

We support your development through initiatives like Purpose Day—a paid day off dedicated to your growth.

• CIBC is committed to diversity and inclusion. If you need accommodations during the application process, contact Mailbox.careers-carrieres@cibc.com.

• You must be legally eligible to work at the specified locations and hold any necessary permits.

• You may be asked to complete assessments or tests to better understand your skills and fit.

Toronto - 81 Bay, 19th Floor
Regular
37.5
Cybersecurity, Security Operations, Security Technologies, Security Testing, Threat Detection