Developer - Cybersecurity Automation Engineering

BUSINESS UNIT DESCRIPTION: The Cybersecurity, Third Party & Resilience Technology (CTPRT) team is responsible for the design, implementation, and management of innovative information security solutions across CIBC. CTPRT delivers technology that protects the bank, its data, and its clients from cyber threats by integrating leading-edge security systems, driving continuous improvement, and enabling secure digital transformation. JOB PURPOSE: The Developer will design, build, and maintain automation workflows and integrations within SOAR and SIEM platforms, ultimately enhancing incident response times and operational efficiency for security teams.

This role involves collaborating with business partners, vendors, Architects, BA, QA and application operation (AO) partners on the development, implementation, troubleshooting of cyber security solutions as well as provide PROD support. KEY ACCOUNTABILITIES: Technical SME - Act as a technical expert who bridges the gap between security operations and technology, empowering security teams to respond to threats more efficiently and effectively. Design and Implement SIEM, SOAR Workflows - Develop and implement custom automation workflows to address specific security needs, such as automating incident response tasks.

Integrate Security Tools - Integrate various security tools (e.g., endpoint detection and response) with the SIEM, SOAR platforms to enable seamless data exchange and orchestration of security actions. Build and Maintain Layouts, Playbooks and Scripts - Creating and maintaining user friendly interfaces, detailed playbooks and scripts that outline step-by-step procedures for responding to different security threats, ensuring consistent and effective responses. Solution Design and development - Act as a SME on the analysis of requirements, estimations for assigned work packages and coordination for end-to-end implementation of program specific solutions.

Lead the development of cost-effective and innovative solutions to meet business objectives while also maintaining existing applications; Work with vendors, consumers and AO teams to deliver services per project plan or business requests; Provide production support, and work with AO partners on problem troubleshooting and resolving. Programming Ability - Perform and coordinate complex application programming activities: develop specifications, code, test, debug, document, and automate via DevOps CI/CD in order to ensure successful implementation and maintenance of programs. Lead & Influence - Lead code-review sessions and ensure overall code quality aligns with business and project requirements.

Provide user acceptance testing support and production support to troubleshoot complex problems on applications and technologies. CROSS-FUNCTIONAL RELATIONSHIPS: Collaborates with team members and stakeholders within the Cybersecurity, Third Party & Resilience Technology group to deliver technology solutions. Works closely with internal partners, such as Business Analysts, Quality Assurance, and Infrastructure teams, to ensure the successful delivery and support of applications.

Engages with external vendors as required to implement and maintain third-party solutions. COMPLIANCE REQUIREMENTS/RESPONSIBILITIES: As an employee of CIBC, the incumbent must comply with all applicable CIBC and Line of Business policies, standards, guidelines and controls. AUTHORITIES/DECISION RIGHTS: As a key contributor to the business unit, this job has the authority to recommend changes to business processes in order to enhance operational efficiency and effectiveness.

JOB DIMENSIONS: Contributes to the development and support of applications within the CyberSecurity, Third Party & Resilience Technology team. Supports multiple projects and initiatives simultaneously, ensuring timely and effective delivery of solutions. KNOWLEDGE AND SKILLS: Education: Bachelors in Computer Science, Engineering, Technology or equivalent.

Must have skills: You can demonstrate 5+ years experience in the following spaces: Deploying and managing security solutions and applications in a complex environment Palo Alto XSOAR core development/security engineering experience (not security analyst/ operational experience) In-depth experience working in automation, playbooks, scripting using Python Experience developing XSOAR custom instance connectors using various API types, including REST and SOAP, different authentication mechanisms Integrations using XML, JSON, feed files, and JDBC Working knowledge on Azure App Service, Azure Functions, Azure BLOB and Key Vault integrations You are an expert in problem resolution and troubleshooting and can drive investigations independently, develop POC solutions and take those to design and implementation with little or no supervision. You are accountable and responsible and can make decisions required to address technology challenges and propose solutions and create storyboards with confidence. You know what it means to adhere to technology standards and produce resilient and scalable solution designs.

Demonstrated ability to collaborate effectively within a team environment. Excellent problem-solving and analytical skills. Strong communication skills with the ability to influence and inspire outcomes.

Nice to Have: DevOps Tools including: Git, Artifactory, GitHub Actions, Azure DevOps, JIRA, Ansible Develop user friendly UI layouts and Data modelling, ETL, SQL, KQL Understanding TCP/IP, basic networking protocols such as IP, DNS, HTTP, FTP, SMTP, etc., and security solutions including end point protection, XDR, network/host-based firewalls, DLP, web proxies, and troubleshooting network issues Good command on common Linux utilities and commands. managing processes, and troubleshooting issues. WORKING CONDITIONS: This role operates within a normal office environment with little exposure to adverse working conditions.