Career Search

Cybersecurity Risk Analyst IV - 3DKHW in Amherst, NY at M&T Bank

Date Posted: 8/31/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Amherst, NY
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    8/31/2018
  • Job ID:
    3DKHW

Job Description

M&T Bank
Cybersecurity Risk Analyst IV
Amherst, NY
Function
Uses professional knowledge, skills, and experience to support a Cybersecurity risk management and governance practice focused on Cybersecurity Risk Assessments and First Line of Defense Test Strategy.
Responsibilities
Design and develop Cybersecurity risk assessments based on subject matter expertise and industry best practices.
Execute risk assessments, analyze results, recommend and implement remediation plans to address defined risks.
Present recommendations to area management and various risk committees. Work with other areas of Cybersecurity to define and document controls associated with identified risks. Participate in the development, documentation and maintainance of  the Bank's Cybersecurity controls testing program and plan. Confirm the program aligns with Cybersecurity policies, Risk Management policies and Regulatory requirements. Ensure compliance with legal and regulatory requirements and industry best practices. Maintain current knowledge of M&T Bank's Cybersecurity and Risk management policies, standards, and procedures as well as industry best practices and proposed new guidelines and regulations.
Identify and evaluate Cybersecurity risk to the business and drive the development of strategies to mitigate identified risks based on diverse factors including the organizations overall risk appetite and tolerance.
Provide current data for KRI's and KPI's. Present results to risk committees. Review current KRI's and KPI's, recommend enhancements to management and present recommendations to risk committees.  Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the
Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
Minimum Qualifications Required
2 years higher education and seven (7) years of relevant work experience, or in lieu of a degree, nine (9) years of
relevant work experience.
Excellent Knowledge of cybersecurity principles (relevant to confidentiality, integrity, availability, authentication, nonrepudiation)
Proven ability to facilitate targeted discussions with peers, line managers and senior management within business unit.
Excellent skill in conducting research and evaluating information for reliability, validity, objectivity, and relevance.
Excellent ability to communicate complex information, concepts, or ideas in a confident and well-organized manner
through verbal, written, and/or visual means.
Excellent ability to discern protection needs (i.e., security controls) of information systems and networks.
Proven ability to design and develop effective risk management processes (e.g., methods for assessing and mitigating
risk).
Excellent skill in recognizing vulnerabilities in security systems.
Excellent ability to design valid and reliable assessments.
Excellent skill in conducting knowledge mapping
Excellent skill to anticipate new security threats.
Preferred Qualifications
Bachelor's Degree
CISSP or CRISC certification or Cybersecurity domain-related industry-recognized certification.
Knowledge of organization's risk tolerance and/or risk management approach.

Knowledge of organizational security policies
 


 

 

 

 

 

 M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.