As an Information Security Consultant, you’ll assess projects for security risks and present recommendations that allow the business to make informed conclusions. You’ll provide insight and support to assemble policies and procedures that safeguard our clients, enhance risk management, and enable our success. The role is responsible for delivering technical expertise in the development and support of activities, processes, procedures and tools for protecting technology based information. The role works on complex issues involving one or more technical areas, mentoring employees and performing tasks of advanced technical depth and breadth. The role troubleshoots complex issues for all levels while reviewing, developing, testing and implementing security plans and control techniques. The role exercises independent judgement and decision making within ownership of projects, defining and supporting the implementation of the minimum security configuration for all IT hardware and software and ensuring that industry best practices are maintained. Using strong analytic and inductive thinking, the role assesses projects for security risks, identifying the potential exposures, and presenting recommendations that are practical and achievable, enabling the business to make informed risk decisions.

At CIBC we enable the work environment most optimal for you to thrive in your role. You’ll have the flexibility to manage your work activities within a hybrid work arrangement where you’ll spend 1-3 days per week on-site, while other days will be remote. 

How you'll succeed

• Operations - Design and execute PAM processes and strategies to securely manage privileged identities throughout their lifecycle, including the discovery and assessment of privileged accounts to help CIBC reach its zero standing privilege objective. You will implement, configure, and support PAM solutions, address end-user issues, document recurring patterns, conduct root cause analysis, and facilitate technical discussions. Act as a PAM subject matter expert for project teams, mentor colleagues, and serve as the technical escalation resource for PAM-related challenges. Contribute to the organization’s cloud initiatives by providing technical expertise in cloud technologies, and participate in a rotating on-call coverage with your team.
• Security Assessments – Apply your Information Security Management expertise to implement security patches for both planned and emergent needs, ensuring risks are clearly identified and addressed. Use your familiarity with processes, tools, techniques, and practices to consistently uphold standards for accessing, altering, and protecting the organization’s data.
• Consulting – Collaborate with project teams and technology or business partners to design and implement privileged access management for both new and existing infrastructure. Ensure alignment with Identity & Access Management (IAM) initiatives, policies, standards, and procedures to strengthen CIBC’s information security posture. Support other teams in investigating potential security incidents and provide actionable recommendations for remediation.
• Risk reviews – Examine and interpret requirement documents and architecture diagrams. Collaborate with senior leaders and make informed, risk-based recommendations to enhance information system security. Weigh business needs against security concerns to help guide the business to make practical and informed risk choices.
• Continuous Improvement – Demonstrate proficiency with information security and operational enterprise processes by recommending solutions to streamline workflows, minimize risks, and boost service quality for partners. Employ analytical tools to diagnose issues, conduct root cause analysis, and pinpoint process bottlenecks and vulnerabilities related to identity and access management. Carry out gap analyses, develop and maintain clear training and procedural documentation, review and refresh controls and supporting materials, and oversee the continued accuracy of Privileged Access Management lifecycle knowledge.

Who you are

• You can demonstrate experience as a Privileged Access Management (PAM) professional with advanced experience as an Idira Engineer (formerly CyberArk) in a self-hosted environment. You have a developer or application support background and deep expertise in building and troubleshooting CyberArk components such as Vault, PVWA, PSM, CPM, CCP, and SCIM. Key responsibilities include conducting root cause analysis, documenting findings and resolutions, and engaging with stakeholders. Experience in Service Continuity Management (SCM), CyberArk upgrades, clean-up, and server decommissioning is essential, while Pcloud migration experience is a valuable asset. Familiarity with enterprise change management processes, cloud computing technologies, Agile development methodologies, and code promotion processes is preferred. Intermediate documentation skills in SharePoint and Jira/Confluence and a CISSP certification are considered assets. You demonstrate awareness of cybersecurity trends and risks impacting IAM and PAM.
• You have a deep knowledge of Idira/CyberArk, IAM, and PAM, as well as proficiency in supporting and integrating technologies across Windows, Unix, Linux, Mainframe, Active Directory, and Azure Active Directory environments. Candidates should have a solid engineering or development background, with demonstrated experience in REST API utilization, technology integration, and workflow automation. Expertise in Python and PowerShell is a great asset. The successful applicant will be responsible for delivering industry-leading security solutions, driving innovation, and supporting complex application environments with a focus on privileged access and identity management.
• You have strong knowledge of a broad set of technology solutions with focus on CyberArk, Identity and Access Management (IAM), Privileged Access Management (PAM), Windows, Unix, Linux, Mainframe, Active Directory, Azure Active Directory, Databases, and a background in application support. Engineering or developer background will be beneficial to the role. Being able to work with REST API, understanding how to integrate technologies leveraging REST API and automating manual workflows will be reflective in a skilled candidate. experience in various coding languages such as Python and Powershell.
• You're passionate about people. You find meaning in relationships and surround yourself with a diverse network of partners. You connect with others through respect and authenticity. 
• You're digitally savvy. You seek out innovative solutions and embrace evolving technologies. You can easily adapt to new tools and trends.  
• Your influence makes a difference. You know that relationships and networks are essential to success. You inspire outcomes by sharing your expertise. 
• You give meaning to data. You enjoy investigating complex problems and making sense of information. You communicate detailed information in a meaningful way. 
• Values matter to you. You bring your real self to work and you live our values - trust, teamwork, and accountability. 

#LI-TA

What CIBC Offers

At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck.

• We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, defined benefit pension plan*, an employee share purchase plan, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program.

• Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients.

• We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development.

*Subject to plan and program terms and conditions

Job Location

Employment Type

Weekly Hours

Skills