We’re building a relationship-oriented bank for the modern world. We need talented, passionate professionals who are dedicated to doing what’s right for our clients. At CIBC, we embrace your strengths and your ambitions, so you are empowered at work. Our team members have what they need to make a meaningful impact and are truly valued for who they are and what they contribute. To learn more about CIBC, please visit CIBC.com What You’ll Be Doing: The US Privacy Counsel will serve as a privacy subject matter expert (SME) within CIBC’s US Privacy Office, which is part of CIBC’s US Legal Department and CIBC’s Global Privacy Office. This SME will be responsible for leading and contributing to various important financial privacy matters. This may include, for instance, interpreting and applying financial privacy laws, regulations, and guidance; investigating and responding to privacy incidents; identifying emerging privacy risks and trends; monitoring and tracking legislative and regulatory changes and implementing compliance with them; maintaining and reporting metrics; creating and conducting privacy training; and fostering a culture of Privacy by Design and privacy compliance throughout CIBC’s US Region. The US Privacy Counsel will be expected to take the initiative to identify needs and opportunities for US Privacy involvement and to lead teams and workstreams, as well as to perform work at the direction of the US Chief Privacy Officer and other senior leaders. The US Privacy Office operates in an extremely collaborative and collegial environment where all members are encouraged and expected to actively contribute and to grow in their careers. Privacy Advisory: Identify and assess risks related to compliance with financial privacy laws and regulations, including GLBA and FCRA, as well as more broadly applicable federal and state privacy laws, such as TCPA, CAN-SPAM, CCPA/CPRA, and others Incident Response: Perform intake, tracking, and resolution of internal and external privacy incidents and breaches Draft and edit breach notification letters to affected individuals and regulators Maintain up-to-date legal inventory of data breach notice laws, regulations, and guidance Maintain and report incident-related metrics and identify enhancement opportunities based on those metrics Create and conduct awareness training and outreach on incident response and prevention to stakeholders in CIBC’s US Region Privacy by Design: Support the continuous development and enhancement of the US Privacy Program Learn and understand business strategies and priorities and their implications on privacy and data use, technology architecture and standards, and data governance Work with line of business colleagues as a trusted partner and advisor Collaborate with data governance colleagues on maintaining and refreshing data mapping Provide input on record retention schedules and practices Reporting and Metrics: Generate periodic reports as established in the US Privacy Office’s metrics and reporting procedures, and continually evaluate the need for enhancement to US Privacy’s approach to metrics, including adding or amending metric categories and/or the audiences to whom metrics are reported Regulatory Developments/Implementation: Support projects related to ongoing compliance with privacy and data protection laws and regulations, including ongoing California privacy law developments Monitor and track legal and regulatory changes Develop and inventory privacy training materials and other communications regarding legal and regulatory changes Third-Party Risk Management: Complete third-party risk assessments (TPRAs) and privacy impact assessments (PIAs) Review privacy-related contract provisions and serve as privacy SME in contract negotiations Liaise with stakeholders, including third-party risk management and information security colleagues, on a variety of vendor issues relating to privacy Coordination of Global Privacy Approach: Collaborate with colleagues in CIBC’s Global Privacy Office and CIBC’s other regional privacy offices to coordinate efforts and optimize CIBC’s global privacy approach How You’ll Succeed: Maintain and demonstrate a deep knowledge of relevant privacy laws, regulations, guidance, and emerging risks, and the ability to apply them to CIBC’s activities and business goals Display an enthusiasm and drive to learn and develop professionally Work collegially as part of teams as well as independently Demonstrate the ability to take initiative and produce excellent and useful work products without significant direction Take accountability for performance and demonstrate a strong work ethic Demonstrate a high degree of professionalism Effectively and efficiently manage and prioritize multiple assignments and projects Work continually to develop and refresh your knowledge and skills Who You Are You have familiarity with regulations, and supervisory guidance relevant to financial institutions regarding privacy and data breaches, including GLBA, FCRA, and state provisions You have a Law degree and bar membership in good standing in at least one US state You have strong research, writing, and verbal communication skills You have proficiency in MS Office 365, particularly Excel, SharePoint, and PPT You have CIPP/US certification or commitment to obtain it within the first year of employment Other privacy and/or information security certification(s) — e.g., CIPP, CIPM, CIPT, or CISSP — preferred You have project management experience and/or experience managing outside counsel is a plus You have previous experience working in financial services and/or advising financial services clients is a plus You’re a critical thinker. You effectively challenge the status quo and see beyond the face value of information. You’re a team player. You do what’s right to make a difference and jump in to share the load equitably. You’re a self-starter. You identify opportunities to get involved and add value, volunteer, and jump right in. When you need additional information or the involvement of additional stakeholders, you take the needed steps to make that happen. You have a strong work ethic and take accountability for following through. You won’t be satisfied until the work is done to the needed degree of quality, and you follow through on your commitments. You’re intellectually curious. You actively keep abreast of developments in the privacy law realm and seek out opportunities for professional development. At CIBC, we offer a competitive total rewards package. This role has an expected salary range of $120,000-$140,000 for the Chicago, IL market based on experience, qualifications, and location of the position. The successful candidate may be eligible to participate in the relevant business unit’s incentive compensation plan, which also may include a discretionary bonus component. CIBC offers a full range of benefits and programs to meet our employee’s needs; including Medical, Dental, Vision, Health Savings Account, Life Insurance, Disability, and Other Insurance Plans, Paid Time Off (including Sick Leave, Parental Leave, and Vacation), Holidays, and 401(k), in addition to other special perks reserved for our team members. Candidates hired to work in other locations will be subject to the pay range associated with that location. Additional total compensation and benefits details will be provided during the hiring process. California residents — your privacy rights regarding your actual or prospective employment What CIBC Offers At CIBC, your goals are a priority. We start with your strengths and ambitions as an employee and strive to create opportunities to tap into your potential. We aspire to give you a career, rather than just a paycheck. We work to recognize you in meaningful, personalized ways including a competitive salary, incentive pay, banking benefits, a benefits program*, a vacation offering, wellbeing support, and MomentMakers, our social, points-based recognition program. Our spaces and technological toolkit will make it simple to bring together great minds to create innovative solutions that make a difference for our clients. We cultivate a culture where you can express your ambition through initiatives like Purpose Day; a paid day off dedicated for you to use to invest in your growth and development. *Subject to plan and program terms and conditions What you need to know CIBC is committed to creating an inclusive environment where all team members and clients feel like they belong. We seek applicants with a wide range of abilities and we provide an accessible candidate experience. If you need accommodation, please contact Mailbox.careers-carrieres@cibc.com You need to be legally eligible to work at the location(s) specified above and, where applicable, must have a valid work or study permit. Job Location IL-120 S LaSalle St Employment Type Regular Weekly Hours 40 Skills Advisory Services, Compliance Assessments, Data Privacy, Leadership, Privacy by Design, Privacy Impact Assessments, Privacy Laws, Process Improvements, Regulatory Compliance, Risk Compliance, Strategic Objectives, Technical Knowledge At CIBC, we are in business to help our clients, employees and shareholders achieve what is important to them. Our ability to create value for all CIBC stakeholders is driven by a business culture based on common values: Trust, Teamwork and Accountability. Working with CIBC makes you a part of a work environment committed to our clients, employees and communities - a place where you can excel. Every day, our 44,000 employees help our clients achieve their financial goals, because what matters to our clients, matters to us.