Information Security Analyst

Description:

CIBC's Identity and Access Operations team is hiring for an Information Security Analyst – Identity Access Management Co-op to monitor, analyze, review, and remediate access to CIBC's technology. In this role you will support the execution of our team's mandate by communicating with clients, analyzing data, providing solutions and reporting on key metrics and other defined measurements related to business deliverables and processes. You will provide technical expertise in the development and support of all activities, processes, procedures and tools used for validating and insuring the integrity of information security.

At CIBC we enable the work environment most optimal for you to thrive in your role. You’ll have the flexibility to manage your work activities within a hybrid work arrangement where you’ll spend 1-3 days per week on-site, while other days will be remote.

Important

We may ask you to complete an attribute-based assessment and other skills tests (such as simulation, coding, French proficiency, MS Office). Our goal for the application process is to get to know more about you, all that you have to offer, and give you the opportunity to learn more about us.
You must be currently enrolled in post-secondary education and returning to full-time studies to be eligible. However, you do not need to be in a registered Co-Op program to be considered for a role.
Recruitment timeline: Applications review – May/ June; Interviews – June/ July; Offers - July
Please include your resume (no more than 2 pages), a cover letter (no more than 1 page), and your most recent unofficial transcript with your application. These should all be uploaded into the Resume section of the application as one pdf document
This is a 4 month co-op opportunity.

How You’ll Succeed

Identity and access analytics – You have knowledge or interest in identifying access to infrastructure and data, assess risk of access, determine compliant or appropriate access, and solution for remediation, including comprehension of permissions management. You have the capability to analyze share and folder permissions and access control list. This includes proficiency in implicit/explicit permissions, propagated or broken ACL, and comprehension of identity types.
Administration – You have the ability to handle client escalations and prioritize activities. You will work towards the effectiveness of Identity and Access Management (IAM) processes, recommend solutions to enhance processes, eliminate risks, and improve the speed and quality of key services to our partners. You have the ability to apply appropriate tools to perform problem determination and root cause analysis; identify bottlenecks, redundancies and vulnerabilities of existing processes as they relate to identity and access management. You have excellent documentation skills. You can link operational activities and risks to controls and standards. You understand risk management framework to incorporate risk assessment to operational and improvement initiatives.
Reporting and Metrics – You can identify metrics thresholds and business rules for measuring data quality and ensuring adherence with bank and regulatory standards. You have creative thinking to modify or select the most suitable approach that results in providing CIBC with optimum solutions to business issues/challenges. This includes performing specific data or analysis based on business user requests and contribution to automation of reporting requirements, design documents for data quality & data management. You have experience with Excel and PowerPoint and Tableau and the ability to analyze raw data to provide predictive and prescriptive analytics.
Consulting – You will be responsible for collaborating with projects and initiatives to create and execute access management for new/existing infrastructure, aligning with Identity & Access Management (IAM) initiatives and related policies, standards, and procedures to help enhance our information security posture. You will assist other teams in investigation of potential security incidents and provide recommendations to remediate. You have excellent communication skills

Who You Are

You can demonstrate experience in Information Security. Knowledge of identity and access management principal is required. It's an asset if you have experience with control, compliance, audit testing and provisioning. Experience in advancing continuous improvement agendas including process documentation is an asset. Experience with reporting tools is an asset.
You have technical knowledge including Windows experience relating to Identity and Access specifically ACL, advanced PowerPoint and Excel. It's an asset if you have hands on experience with SailPoint IdentityIQ, ServiceNow, Varonis or ARS/AD
You give meaning to data. You enjoy investigating complex problems, and making sense of information. You're confident in your ability to communicate detailed information in an impactful way.
You understand that success is in the details. You notice things that others don't. Your critical thinking skills help to inform your decision making.
You're passionate about people. You find meaning in relationships, and surround yourself with a diverse network of partners. You build trust through respect and authenticity.
Values matter to you. You bring your real self to work and you live our values – trust, teamwork and accountability.