Career Search

Cybersecurity Controls Assessment & Testing Specialist - 3DIQ7 in Amherst, NY at M&T Bank

Date Posted: 7/18/2018

Job Snapshot

Job Description

M&T Bank

Cybersecurity Controls Testing & Assessment Specialist

Amherst, NY



Uses professional knowledge, skills, and experience  to execute assessments on the effectiveness of Cybersecurity security control designs. Leverages a risk-based approach to ensure appropriate security principles and controls are applied during the system development life cycle and protect customer and corporate assets in line with the enterprise risk appetite. Responsible for understanding the enterprise architecture to identify security gaps. Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.



Minimum Qualifications
Bachelor’s Degree or equivalent work experience.
7 years professional experience in a regulated industry.

2 years in information security, governance, compliance, risk management, and/or similar discipline.

Previous experience of NIST or Cybersecurity Frameworks, with a strong focus NIST 800-53 and 800-53a

Strong knowledge of Cybersecurity principles and industry best practices, relevant to Confidentiality, Integrity, Availability

Proven knowledge of information technology security principles and implementation methods (e.g., firewalls, demilitarized zones, encryption, Active Directory / LDAP, SAML).

Skills in evaluating security controls based on Confidentiality, Integrity and Availability requirements of systems. 


Preferred Qualifications:

Active CISA, CAP, CISSP, CISM, or CRISC certification or Cybersecurity domain-related industry-recognized certification.

Working knowledge of the current version of the NIST (National Institute of Standards & Technology) SP800-53 and 800-53a Controls, or other recognized control frameworks, such as COBIT or ISO.

Knowledge of organization's risk tolerance and/or risk management approach. 

Working knowledge of project management methodology

Strong and proven knowledge of security technologies and architecture, including encryption, cloud network security design, Role Based Access Control, perimeter security and application security.

Knowledge of Cybersecurity threats and emerging security issues.

Experienced in conducting security control testing of systems. 



 M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.