CIBC · 1 day ago
Director, Governance & Controls – Information Technology & Information Security
CIBC is a relationship-oriented bank for the modern world, seeking talented professionals to make a meaningful impact. As the Director of Governance & Controls, you will design, implement, and enhance governance, risk, and control frameworks for the US Technology and Information Security functions, ensuring regulatory compliance and operational resilience.
Banking · Credit Cards · Financial Services
Responsibilities
Serve as a trusted advisor to stakeholders, providing proactive guidance on risk management, control design, and compliance with organizational policies, regulatory requirements, and industry standards
Lead the development and execution of GRC strategies aligned with CIBC’s risk appetite and US regulatory expectations (FFIEC, GLBA, NYDFS, NIST, COBIT, ISO)
Act as a thought leader, driving control maturity and operational risk alignment across the organization
Oversee the identification, assessment, escalation, and mitigation of IT/IS risks, ensuring alignment with enterprise risk frameworks
Oversee the implementation of effective controls, ensuring they are integrated into business processes and technology systems
Conduct regular reviews of controls to assess the impact of changes in business processes, new projects, and emerging risks
Maintain oversight of the global control environment impacting IS/IT, ensuring alignment with CIBC’s broader risk management objectives and US regulatory requirements
Design and implement continuous control monitoring and assurance programs, leveraging data analytics and automation to enhance oversight
Conduct comprehensive risk assessments and ensure integration of effective controls into business and technology processes
Perform validation and quality assurance reviews of issues, ensuring proper risk management practices and closure in accordance with 2nd Line of Defense (LOD) guidance
Monitor and report on key risk and control metrics to senior leadership, providing actionable insights and recommendations
Maintain deep knowledge of US and global regulatory requirements, ensuring frameworks and practices remain current and compliant
Support regulatory exams, internal audits, and industry assessments, ensuring timely resolution of findings and implementation of corrective actions
Drive continuous improvement initiatives, leveraging emerging technologies and industry trends to strengthen the control environment
Foster a culture of innovation, risk awareness, and accountability across the team and broader organization
Build and maintain strong relationships with internal and external stakeholders, including auditors, regulators, and industry associations
Collaborate across the three lines of defense to maintain a robust control framework and foster a culture of sustainable continuous improvement and innovation, ensuring clear roles, responsibilities, and effective partnership
Prepare and present risk and control reports to executive management, regulators, and external stakeholders
Lead, mentor, and develop a high-performing, diverse team, fostering an inclusive culture of risk awareness and driving collective success
Qualification
Required
Minimum of 10 years of progressive experience in technology risk management, cybersecurity, or controls implementation within a large, complex financial institution
Proven track record of developing, leading, and executing GRC strategies in a technology-driven environment
Deep knowledge of US and global regulatory requirements and industry standards (FFIEC, GLBA, NYDFS, NIST, COBIT, ISO)
Experience managing regulatory exams, audits, and industry assessments
Relevant certifications such as CISA, CRISC, CISSP, or CISM
Strong understanding of control frameworks, regulations, management control environments, audit, corporate policies and standards, business processes, and new industry-level guidance
Strong verbal and written communication skills
Ability to build trust and credibility with stakeholders
Experience leading diverse, high-performing teams
Detail-oriented with critical thinking skills
Preferred
GSIB experience preferred
Benefits
Medical
Dental
Vision
Health Savings Account
Life Insurance
Disability
Other Insurance Plans
Paid Time Off (including Sick Leave, Parental Leave and Vacation)
Holidays
401(k)
Banking benefits
Wellbeing support
MomentMakers, our social, points-based recognition program
Purpose Day: a paid day off dedicated for you to invest in your growth and development
Company
CIBC
CIBC is a financial service company that offers business solutions.
Funding
Current Stage: Public Company
Total Funding: $3.08B
2026-01-09 · Post IPO Debt · $700M
2025-09-22 · Post IPO Debt · $326.24M
2025-07-09 · Post IPO Debt · $750M
Company data provided by crunchbase