Senior CIEM Specialist - Information Security

Application Deadline:

Address:

Job Family Group:

This is a Hybrid role, working 1-2 days a week in the office. CIEM experience is a MUST, as well as IAM acumen and leadership.

Provides leadership within IAM Security Governance and Security best practice in support of businesses/groups and BMO overall. Builds relationships and liaises with stakeholders to understand problems and opportunities and recommends solutions leveraging Cloud Infrastructure Enablement Management (CIEM) tools for optimal management of identities and privileges in cloud environments. Ensures that requirements map to a real business need, are approved by all relevant stakeholders, and meet essential quality standards. Participates or conducts user acceptance testing to ensure that changes made are in alignment with business requirements. Provides great customer service in support of the information security processes, applications and infrastructure.

• Provides strategic input into Security best practices as a trusted advisor and a subject matter expert on relevant regulations and policies
• Assesses BMO cloud environments & applications for compliance with IAM standards. 
• Identifies gaps and recommend remediation strategies based on security best practices
• Configures CIEM tool to monitor and report on IAM standards and controls
• Collaborates with stakeholders for remediation and continuous improvements
• Develops cloud governance processes and recommends IAM controls & design patterns based on Security practices
• Presents and communicates at all levels within IT and across business units.
• Prepares and delivers presentations for senior leaders.
• Gathers requirements and documents these requirements for use in various audits, reports, & projects.
• Identifies opportunities to strengthen the capability of the information security organization at BMO, such as: sharing expertise to promote technical development, mentoring employees, building communities of practice and networks across information security and technology.
• Works with stakeholders for remediation and continuous improvements
• Performs documentation writing and maintenance of new and existing processes, procedures and requirements.
• Recommends remediation strategies on the control gaps/ findings and approaches to streamline and integrate information security processes in the organization to improve overall efficiency.
• Remains alert to new information security technologies and threats that present risk to the enterprise and determines the best approach to mitigate these risks.
• Stays abreast of industry trends/risks related to information security, technology and business trends / risks through participation in professional associations, practice communities & individual learning.
• Ensures consistent, high quality security practices/work and the achievement of business results in alignment with business/group strategies and with productivity goals.
• Operates at a group/enterprise-wide level and serves as a specialist resource to senior leaders and stakeholders.
• Implements changes in response to shifting trends.
• Broader work or accountabilities may be assigned as needed.

Qualifications:

• Typically, between 10-15 years of relevant experience in Information Security domain and 5+ years in a leadership capacity
• Bachelor’s Degree in Computer Science, Engineering, Information Security or related disciplines
• Information Security certifications from a well-recognized institution (e.g. (ISC)2, ISACA, SANS).
• Expert in information security, technology governance and processes
• Deep acumen in Identity Access Management and Privileged Access Management space especially in a cloud setting using CIEM platforms
• Experience with CIEM ecosystem from a process compliance and configuration perspective
• Experienced with IAM controls & design patterns based on Security practices
• Experience identifying gaps and recommending remediation strategies based on security best practices
• Understanding and experience in one or more information security domains (e.g. data protection and privacy, compliance, risk management, application and cloud security, and incident management)
• Experience in developing policy and implementing security control framework in the Financial or any other highly regulated industry
• A clear understanding of regulatory, governance, privacy, and industry best practices.
• Knowledge of Information Security processes, procedures and controls - Expert.
• Understanding and problem-solving ability of Information Security issues across the bank - Expert.
• Understanding of industry standards and frameworks e.g. NIST Cyber Security Framework (CSF), ISO 27001 and 27002 - Expert.
• Understanding of Information Security risk and regulatory requirements - In-depth.
• Understanding of the scope of complexity that exists in the computing environment and the ways which security platforms impact that environment.

Salary:

Pay Type:

The above represents BMO Financial Group’s pay range and type.

Salaries will vary based on factors such as location, skills, experience, education, and qualifications for the role, and may include a commission structure. Salaries for part-time roles will be pro-rated based on number of hours regularly worked. For commission roles, the salary listed above represents BMO Financial Group’s expected target for the first year in this position.

BMO Financial Group’s total compensation package will vary based on the pay type of the position and may include performance-based incentives, discretionary bonuses, as well as other perks and rewards. BMO also offers health insurance, tuition reimbursement, accident and life insurance, and retirement savings plans. To view more details of our benefits, please visit: https://jobs.bmo.com/global/en/Total-Rewards

We’re here to help

At BMO we are driven by a shared Purpose: Boldly Grow the Good in business and life. It calls on us to create lasting, positive change for our customers, our communities and our people. By working together, innovating and pushing boundaries, we transform lives and businesses, and power economic growth around the world.

As a member of the BMO team you are valued, respected and heard, and you have more ways to grow and make an impact.  We strive to help you make an impact from day one – for yourself and our customers.  We’ll support you with the tools and resources you need to reach new milestones, as you help our customers reach theirs. From in-depth training and coaching, to manager support and network-building opportunities, we’ll help you gain valuable experience, and broaden your skillset.

To find out more visit us at http://jobs.bmo.com/us/en

BMO is committed to an inclusive, equitable and accessible workplace. By learning from each other’s differences, we gain strength through our people and our perspectives. BMO is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law. Accommodations are available on request for candidates taking part in all aspects of the selection process. To request accommodation, please contact your recruiter.

Note to Recruiters: BMO does not accept unsolicited resumes from any source other than directly from a candidate. Any unsolicited resumes sent to BMO, directly or indirectly, will be considered BMO property. BMO will not pay a fee for any placement resulting from the receipt of an unsolicited resume. A recruiting agency must first have a valid, written and fully executed agency agreement contract for service to submit resumes.