Career Search

CyberSecurity Risk Process Technical Specialist - 3DI44 in Amherst, NY at M&T Bank

Date Posted: 6/16/2018

Job Snapshot

Job Description

M&T Bank

Cybersecurity Risk Process Specialist

Amherst, NY


This position uses professional knowledge, skills, and experience to assist in the development of a comprehensive strategy for the use, and continuous enhancement of the Bank's centralized control assessment technologies.  The Risk Process Technical Specialist III will also be responsible for ensuring that the execution of this strategy remains on track through mentoring of other Cybersecurity personnel and monitoring the ongoing evolution of the centralized control testing process. Finally, this position is responsible for establishing internal and external relationships to remain in tune with emerging risks, best practices, and the evolving regulatory landscape.

Assist in the formulation of business requirements that drive the implementation or enhancement of technologies to meet centralized control assessment objectives. Examples of centralized control assessment technologies include vulnerability scanning and penetration testing tools, server compliance assessment tools, static code analysis tools.

Research and train on industry trends surrounding centralized control assessment technologies. Share information with management and the Risk Process team. Participate in conversations with centralized assessment technology vendors.
Additionally, this person will serve as an expert in information Security governance, compliance, and risk management, develops and maintains the information security governance, risk analysis, and compliance methodology that is used to assess all areas of bank operations. By drawing on internal and external experts, industry research, and knowledge of emerging technologies, develops cost effective strategies to insure data confidentiality, integrity, and availability are maintained. 
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable. Provides centralized information security governance, compliance, and risk management expertise to functional areas throughout the organization. Assists functional areas to make sound business decisions based upon these considerations.

Minimum Qualifications 
Minimum of two to four years college with at least eight years involvement in systems analysis and application development, or an equivalent combination of education and experience. Education and experience in information security, information technology, mathematics, engineering, or a related discipline ideal.

2 years of experience  in information security, governance, compliance, risk management, and/or similar discipline. Two (2) years supervisory / project management experience helpful.
Excellent written and verbal communication skills.
Ability to communicate with senior management, peers, internal and external auditors and examiners, business partners and other security related agencies as required.
Ability to research and report on governance/compliance related topics using a variety of sources (ex: Internet, affiliate organizations, governmental agencies) and techniques.
CISSP Certification helpful. PMP Certification helpful.



 M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.