Consultant, Information Security - CIBC

Key Responsibilities

• Conduct comprehensive security risk assessments for new and existing projects, identifying vulnerabilities and recommending mitigation strategies.
• Develop and refine security policies, procedures, and controls aligned with industry standards and regulatory requirements.
• Collaborate with cross‑functional teams to integrate security requirements into project lifecycles and architecture designs.
• Perform threat modeling and risk analysis to support informed business decisions and risk acceptance.
• Provide expert guidance on compliance frameworks (e.g., ISO 27001, PCI‑DSS, GDPR) and assist in audit preparation.

Requirements

• 3+ years of experience in information security, risk assessment, or related field.
• Strong knowledge of security frameworks, threat modeling, and security architecture principles.
• Excellent communication skills, able to translate technical findings into actionable business recommendations.
• Experience with security tools and documentation (e.g., risk registers, policy templates).
• Relevant certifications (CISSP, CISM, or equivalent) preferred.