Company Information:
CIBC Mellon is a leading provider of asset servicing solutions to institutional investors in Canada, including multi-currency accounting, fund valuation, and investment information reporting. We are passionate about providing exceptional client service backed by our culture of innovation and success. Our outstanding employee experience will provide you with opportunities to learn and grow professionally while supporting the communities in which you live and work.
We are a diverse and dynamic workplace where employees take an active role in delivering on strategic objectives while advancing their individual career goals. We encourage innovative thinking and give our employees the support and resources they need to turn great ideas into actions.
We're always looking for talented people who can make a meaningful difference for our clients, our company and our communities. To learn more about why our employees love coming to work each day, visit
Position Overview:
Reporting into the Director, Enterprise Security Governance, the Enterprise Security Governance Manager manages and oversees the development, implementation, and maintenance of the information technology (IT) governance framework. This role ensures that security policies, practices, and controls are aligned with industry standards, regulatory requirements, and the organization's strategic goals. The manager will collaborate with cross-functional teams to assess and mitigate security risks, monitor compliance, and promote a strong security culture across the enterprise.
Responsibilities:
• Ensures that security governance strategies align with organizational objectives and industry best practices.
• Sustains risk management strategies within the IT department by establishing and documenting standards and methods to validate adherence to the CIBC Mellon technology risk framework.
• Identifies and assesses security risks to the organization's assets, operations and data.
• Monitors governance over service providers' information security and access requirements to ensure they are aligned with CIBC Mellon's policies and framework.
• Leads information risk governance and privacy compliance activities across the IT department.
• Responsible for tracking and ensuring the application of relevant regulatory requirements across the IT department.
• Analyzes the due diligence and/or risk questionnaires submitted by clients to ensure the responses from CIBC Mellon provide proper controls for IT risk management and compliance.
• Provides regular reports on security risks, governance activities, and compliance status to senior leadership.
• Monitors and ensures compliance with relevant regulatory and industry standards (e.g. ISO 27001).
• Supports effective working relationships with internal/external auditors, regulatory examiners, and lines of business to ensure that IT risk requirements receive appropriate and timely attention within the IT department.
• Ensures IT audit, compliance and risk commitments and requirements are understood and effectively managed.
• Works with other teams to develop risk mitigation strategies and ensure they are implemented effectively.
• Promotes a culture of security awareness across the organization through training programs, workshops and communication.
• Ensures employees and stakeholders are aware of and understand security policies and procedures.
• Regularly evaluates the effectiveness of the security governance program and processes, recommending improvements as necessary.
• Stays up to date with emerging security trends, threats, and technologies to ensure the organization's security posture evolves accordingly.
Qualifications:
Education/Experience
• Bachelor's degree in Computer Science or equivalent
• 5-7 years' experience in a corporate IT department
Specific Knowledge & Skills (not preferred or an asset)
• Obtained or enrolled in one of the following certifications: CISSP, CISA, CISM, Technology Risk Management
• Depth of knowledge in the applicable coursework, i.e. COBIT, COSO, and ISO standards
• Working knowledge of an information technology ITIL environment
CIBC Mellon's Values:
Get it Right Every Day: Deliver service excellence while always acting with the highest ethical standards
Put Clients at the Centre: Advocate for clients by listening, sharing knowledge, and bringing the right solutions forward
Be One Family: Challenge, empower and recognize your colleagues
Take Ownership: Speak up, speak out, and make things better