Cybersecurity Governance Specialist III

The Bank sponsors individuals for TN and H-1B transfers on a case by case basis. Please note that this position is not open to anyone on an F-1 student visa including those eligible for CPT/OPT or the Stem OPT extension.About M&T BankAt M&T Tech, we’re a team of makers, doers, and builders, working to create the most advanced technology solutions in banking. We’re not your stereotypical suit and tie bankers: we’re an innovative team of leading tech experts, pushing boundaries, and taking risks. We’re building an agile team of the most skilled and creative workers to solve complex problems, architect solutions, write high-performance software, and chart our new path, all to make the lives of our customers, and the communities that we serve, better. Join us and be part of something new as we build tomorrow’s bank, today.Overview:Responsible for analyzing, developing, and monitoring compliance with complex cybersecurity policies, procedures, and best practices. Develop new and enhance existing processes and governance that prioritize resiliency and security of organization.Primary Responsibilities:

Develop comprehensive policy framework to align with Cybersecurity goals and to enhance processes in alignment with industry best practices

Partner with First Line Risk and Cybersecurity leadership to develop, review, and update strategies, policies and procedures pertaining to various governance areas

Identify industry best practices and regulatory requirements to implement processes, policies, and techniques that will continuously improve Cybersecurity's ability to ensure the organization is resilient and secure

Design and build centralized tools (including dashboards) that Cybersecurity teams use to extract data/insights for business management in an automated manner

Prepare reports through gathering, analyzing and summarizing data and information; prepares presentation materials for senior leadership reports

Partner with appropriate teams and leadership, First Line Risk, and Internal Audit to proactively mitigate risk through creation and enhancement of comprehensive policy framework

Executes comprehensive response to internal audit and regulatory requests, refining processes for efficiency and accuracy

Partner with Cybersecurity teams and managers to ensure process documentation, reporting, and performance metrics continuously improve with organizational maturity

Creates remediation plans and supports team implementation, providing guidance to teams to ensure comprehensive execution against key actions and milestones

Foster strong partnerships with stakeholders in Cybersecurity teams to ensure successful development and implementation of the governance framework

Recommends key actions and milestones in project plan and leads execution of specification project milestones

Scope of Responsibilities:Peers, manager, Cybersecurity team and leadership, First Line Risk team, Internal Audit team, and external auditorsExercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.Subject matter expert on multiple cybersecurity platforms and applications within function, and working knowledge on multiple platforms and applications across full cybersecurity teamEducation and Experience Required:Associates’ degree in an applicable discipline and a minimum of 6 years’ relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations, or in lieu of a degree, a combined minimum of 8 years’ higher education and/or work experience, including a minimum of 6 years’ relevant experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security OperationsUnderstanding of the System Development Life Cycle (SDLC), networking concepts and protocols, and network security methodologiesExperience researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planningDetailed technical experience with mainframe, distributed computing environments and network security architecture concepts including topology, protocols, components and principlesPrior experience and demonstrated aptitude for quickly learning multiple new technical skills and supporting multiple systems, tools and processesExperience actively leading complex problem and technical analysis walkthroughsDetailed technical experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), attack methodologies and traffic flows for threats and vulnerabilitiesDetailed technical knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)Experience acting as a surrogate team leader to assign, review, evaluate and prioritize team effortsEducation and Experience Preferred:

Subject matter expert on multiple cybersecurity platforms and applications within function, and working knowledge on multiple platforms and applications across full cybersecurity team

Proficient level of thinking critically and able to lead problem solving

Excellent communication and interpersonal skills

Experience partnering with leaders to design solutions to business needs

Demonstrated advanced knowledge of technology risk principles and compliance requirements

Excellent ability to translate technical requirements into policies that fit into a comprehensive governance framework

M&T Bank is a Top 10 US bank holding company and one of the best performing and financial stable regional banks in the country, we offer our technology employees a wide range of performance-based career development opportunities. We have a strong commitment to our customers and the communities we serve, and we continue to grow with a focus on the future. So, when looking to advance your career, look to M&T. Grow with us.Hiring Immediately.We support our team members with generous benefits.

Competitive compensation

Health, welfare, and retirement benefits

401(k) match at 5%

Work-life balance and flexible work arrangements

Up to 25 days PTO plus 12 paid holidays

#MTBTechCareers, #MTBCareers #MTBTechLife & #MTBTechHub #CybersecurityJobs #InfosecJobs #CybersecurityCareer #Hiring #JobOpening #ITJobs #TechJobs #CISSP #Cybersecurity#cybersecuritysolutions #cybersecurityarchitecture #securitymanagement #informationsecurity #cybersecurityleadership #securitysolutions #cybersecuritystrategy #cybersecuritymanagement #securearchitecture #ITsecuritysolutions #networksecurity #cybersecurityprofessional #securityconsulting #securityassessment #cybersecurityteam #riskmanagement #datasecurity #cloudsecurity #cybersecurityawareness #cybersecurityexpertLocation:Clanton, Alabama, United States of AmericaM&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer, including disabilities and veterans.