Career Search

Cybersecurity Manager III - 3DLCH in Amherst, NY at M&T Bank

Date Posted: 10/12/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Amherst, NY
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    10/12/2018
  • Job ID:
    3DLCH

Job Description

M&T Bank
Cybersecurity Manager III
Amherst, NY
Function:
Provides strategic and tactical direction in support of the Cybersecurity Department.  Manages multiple teams and Subject Matter Experts (SMEs) with diverse responsibilities including, but not limited to, development and execution of Cybersecurity Operations strategies, Cybersecurity Risk and Controls assessments, Vulnerability assessments, Cybersecurity controls testing and validation, Cybersecurity policies and standards, and Cybersecurity awareness and training program.  Represents Cybersecurity on various committees.  Identifies and communicates Cybersecurity threats, vulnerabilities, risks, emerging trends, and mitigation strategies in alignment with the organization's risk appetite. Recommends and reports on Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) for areas of responsibility and ensures appropriate remediation when required.  Promotes awareness of Cybersecurity policy, standards and governance among management and throughout the enterprise and ensures sound principles are reflected in the organization’s mission, vision and goals.
Responsibilities:
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support cybersecurity goals and objectives and reduce overall organizational risk.
Lead multiple diverse stakeholders and manage multiple projects and initiatives concurrently to establish and maintain enterprise continuity of operations program, strategy, and mission assurance.
Lead, manage, and oversee diverse security improvement actions across multiple teams to evaluate, validate, and implement solutions as required.
Lead, align, and manage cybersecurity priorities within the Department's overall security strategy and in coordination with closely-related departments and within Cybersecurity.
Actively manage, report, and lead efforts to define and improve the effectiveness of the enterprise's cybersecurity safeguards to ensure they provide the intended level of protection.
Lead and oversee the preparation, creation, distribution, and maintenance of plans, instructions, guidance, and Standard Operating Procedures (SOPs) concerning the security of Cybersecurity Operations for the team, multiple teams, or within Cybersecurity.
Lead and oversee that cybersecurity awareness, basics, literacy, and training are provided to operations personnel commensurate with their responsibilities within multiple teams or within the Division.
Fully manage from identification until completion the protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
Exercise usual authority of a manager concerning staffing, performance appraisals, promotions, salary recommendations, performance management and terminations.
Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite.  Design, implement, maintain and enhance internal controls to mitigate risk on an ongoing basis.  Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.
Nature & Scope:
Cybersecurity Risk Management: Manage with autonomy all facets of the Cybersecurity Risk Management program, including managing daily operations, building new strategies, revising or creating new processes and procedures, and leading personnel and staff.  Responsible for leading a multi- disciplinary team focused on development and execution of Cybersecurity Risk Assessments,  identification and monitoring of new Cybersecurity risks and controls and development and maintenance of Key Risk Indicators, Cybersecurity Controls Testing Program, and  Cybersecurity Policies and Standards Program. 
Required Qualifications:
Associates degree in an applicable discipline and a minimum of 9 years’ relevant work experience, or in lieu of a degree, a combined minimum of 11 years’ higher education and/or work experience, including a minimum of 9 years’ relevant work experience
Minimum of 2 years’ managerial experience
Relevant work and leadership experience in two (2) or more of the following Cybersecurity domains:  Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations
Demonstrated detailed knowledge and understanding of Cybersecurity operational processes
Demonstrated detailed knowledge of Cybersecurity threats, vulnerabilities, emerging trends, and regulatory and operational impacts
Demonstrated ability to utilize feedback to drive process and service improvement
Proven experience managing multiple stakeholder relationships, including determining needs, requirements, and resources, and managing stakeholder expectations while committing to delivering quality results
Proven experience communicating complex information, concepts, or ideas in a confident, accurate, and well-organized manner through verbal, written, and/or visual media
Proven experience adjusting and operating in a diverse, challenging, and unpredictable fast-paced work environment
Proven experience coordinating, collaborating, and disseminating information to multiple subordinate, peer, and leadership teams, departments, and organizations
Prior experience advising and providing assistance to operations and intelligence decision makers in response to dynamic situations
Preferred Qualifications:
Bachelor degree in an applicable discipline
Minimum of 9 years’ demonstrated job progression and relevant work experience in two (2) or more of the following Cybersecurity domains:  Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations
Prior experience managing and leading a Cybersecurity team of analysts, including training and development of staff
Prior experience serving as an escalation point for Cybersecurity incidents, vulnerabilities, and events
Detailed technical experience and understanding of testing and maintaining network infrastructure requirements, including hardware and software systems
Prior experience translating functional organizational and department requirements into logical and technical Cybersecurity solutions
Prior experience with managing operations following state, Federal, and organizationally-specific guidelines and documents
Prior experience with reviewing, verifying, and revising Cybersecurity and operational documentation reflecting the application or system security design features
Prior experience with developing multiple Cybersecurity strategies and plans
We encourage candidates with relevant military experience to apply.
About M&T
At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. So when looking to advance your career, look to M&T.  As a top 20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance based career development opportunities for talented professionals. And through our longstanding tradition of careful, conservative and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.
M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.