Security Operations, Investigations
CIBC in Toronto, ON
We're on a mission to build the relationship-focused bank of the future and we're looking for the passionate collaborators, innovators, advisors, and leaders who can get us there. Our distinct culture is built on a shared commitment to do what's right for our clients, our people, and our communities, and we strive for excellence in everything we do. Because life at CIBC is not only what you do, but how you do it.
To learn more about CIBC, please visit CIBC.com.
What You'll Be Doing
In Security Operations and Investigations you will lead and provide information security support for cyber security investigations by performing complex analysis of information security and privacy incidents and examining potential impact to the organization. Provide direction to the implementation of mitigating controls for incident containment and resolution.
How You'll Succeed
- Incident Response - Identify and engage appropriate resources within Technology for information security/privacy incident resolution. Coordinate and facilitate information security incident investigations by leveraging the Security Operations Centre, general technology subject matter experts and where other direct involvement is required. Lead and participate in root cause analysis for both information security and privacy incidents. Facilitate the containment and resolution of information security/privacy incidents. Triage information security investigations escalated by the Security Operations Centre for potential security incidents and escalate as appropriate.
- Process Support - Provide direction to the implementation of mitigating controls for incident containment and resolution. Provide technical expertise in development and support of all activities, processes, procedures and tools used for validating and ensuring the security of information assets. Weigh business needs against security concerns and recommend necessary changes to enhance the security posture of information systems. Recommend modifications to technology, supporting processes and procedures for improving information security protection, implement and track monitoring and reporting capabilities (KPI's/KRI's)
- Relationship Building - foster cross-functional relationships with peers within own area, middle to senior management, and executives in both internal and external roles. Provide communications and reporting to Technology management as appropriate during information security/privacy incidents and other broad-based events and trends within enterprise security administration and operations functions.
Who You Are
- You can demonstrate experience in conducting and managing incident response activities (minimum 5 years). Detailed comprehension of technical details related to common tactics, techniques and procedures (TTPs) employed by threat actors. Incident Response fundamentals - Strong experience of best practices related to incident response and investigations. Ability to design and facilitate a group process, elicit contributions from group members, stimulate a focused group discussion, and achieve a desired outcome.
- You can demonstrate knowledge in understanding of malware, malware delivery methods and malware behavior. IT Industry: Trends & Directions - Knowledge and understanding of marketplace experience, developments and trends related to the Information Technology (IT) function. Information Security Technologies - Knowledge of technologies and technology-based solutions dealing with information security issues. Information Security Management - Knowledge of processes, tools, techniques and practices for assuring adherence to standards associated with accessing, altering and protecting organizational data. IT Standards, Policies and Policies - Knowledge and ability to use and administer the organization's technology practices, standards and procedures
- You're a certified professional. You have current accreditation and good standing (at least one of the following) CISSP, GCIH, ECIH (preferred asset).
- You give meaning to data analysis. You enjoy investigating complex problems and making sense of information. You're confident in your ability to communicate detailed information in an impactful way.
- You understand that success is in the details. You notice things that others don't. Your critical thinking skills help to inform your decision making.
- You're digitally savvy. You seek out innovative solutions and embrace evolving technologies. You can easily adapt to new tools and trends.
- Values matter to you . You bring your real self to work and you live our values - trust, teamwork, and accountability.
What CIBC Offers
At CIBC, our people are our greatest asset. You'll become part of a diverse community that acknowledges everyone's unique talents, and empowers teams to do what's right for the client, and to do it well. As part of our team, you will:
- Thrive: Benefit from an open and approachable culture that provides the flexibility and support you need to integrate your life at work and at home.
- Connect : Work in a place where the right technology and infrastructure fosters innovation, collaboration and creativity.
- Develop: Grow your skills and career through our best-in-class onboarding experience, ongoing learning opportunities, individual development planning and comprehensive product training.
- Prosper: Share in our collective success with a competitive salary, incentive pay, banking benefits, health benefits program, and employee share purchase plan.
What You Need to Know
- CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation during the application or interview process, please contact Mailbox.email@example.com .
- You need to be legally eligible to work in Canada at the location(s) specified above and, where applicable, must have a valid work or study permit.
- This is a regular full time role with a schedule of 37.5 hours each week.
- Prior to starting in this role, security checks, including a criminal record check must be successfully completed to the satisfaction of CIBC. An annual criminal record check may also be required.