Career Search

Operational Risk Officer - Cybersecurity - 3DG5F in Buffalo, NY at M&T Bank

Date Posted: 2/15/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Buffalo, NY
  • Job Type:
    Other
  • Experience:
    Not Specified
  • Date Posted:
    2/15/2018

Job Description

M&T Bank
Operational Risk Officer I - Cybersecurity
Buffalo, NY  
THE OPPORTUNITY:
As a member of the Second Line of Defense, the Operational Risk Officer I -  (“ORO I”) provides effective oversight and critical challenge of the identification, assessment, monitoring, mitigation, and reporting of all significant operational risks and risk practices within the First Line of Defense and throughout the Bank, specializing in Cybersecurity. The ORO I will participate in various risk committees, understand and utilize the Operational Risk Management Framework, and develop, implement and analyze key risk indicators (KRI) as it relates to information security.
The ORO I serves as a liaison to the Cybersecurity business unit (BUs). In relation to the assigned BUs, the ORO I will escalate significant and/or unresolved risk-related matters to Corporate Operational Risk Management Department’s management. The ORO I works closely with various levels within the Bank, including senior management and risk management groups, and collects, analyzes and reports operational risk information, all of which have a direct impact on the Bank’s risk management strategies.

POSITION RESPONSIBILITIES:
Provide independent oversight and critically challenge the BUs in the areas of identifying, assessing, monitoring, and controlling risks, and the completion of Risk and Control Self Assessments (RCSAs) based on emerging and ongoing risks, key risk indicators (KRI’s) and the risk appetite statement.
Independently test the BUs adherence corporate policies, BU defined procedures, and key operational risk related controls
Effectively communicate corporate operational risk management expectations to the assigned BUs, as well as changes in corporate operational risk management standards, existing and emerging risks, identified risks and responsibilities of the First Line of Defense.
Escalate significant and/or unresolved risk-related matters and events
Participate in/on relevant risk management committees and projects that impact the enterprise wide risk management, including cross-functional teams to collect and quantify risk-related data, such as capital modeling data, and to validate and report loss data.
Review new products, services, channels and regions, or significant enhancements to the same, in order to understand and assess inherent risks as well as conformance with the risk appetite statement and business strategy.
Propose solutions for enterprise risk management issues.
Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Complete other related duties as assigned.

NATURE AND SCOPE:
The position is responsible for overseeing all related-risk functions for assigned BUs and must collaborate with business partners on risk management. Lack of appropriate controls could lead to monetary losses for M&T and/or criticism from regulators, which could result in a decrease to M&T’s rating by the Federal Reserve Bank. It is critical that the individual in this role has a background working in technology and cyber security. This position communicates with Senior, Middle and Line management on matters related to risk management for assigned BUs.

MINIMUM QUALIFICATIONS REQUIRED:
Bachelor’s degree and a minimum of three years’ banking experience including one year’s experience in risk management, compliance, audit or strategic consulting, or in lieu of degree, a combined minimum of seven years’ higher education and/or work experience including a minimum of one year’s experience in risk management, compliance, audit or strategic consulting.
A minimum of 2 years of Cybersecurity experience
Project management experience, including supervisory responsibilities.
Experience participating on cross-functional project teams.
Knowledge of risk analytics including the development, implementation and use of all relevant decision technologies within an operational and regulatory compliant framework.
Organizational and resource management skills.
Proficient with word processing and spreadsheet software.
Understanding of profitability and loss.
Excellent verbal and written communication, cross-functional collaboration and management skills.

IDEAL QUALIFICATIONS PREFERRED:
CISA and CISSP
5 years of Cybersecurity experience
Ability to make effective presentations to all levels of the organization.
Ability to maintain solid working relationships with business partners.
Ability to communicate concepts/theories and develop alternative recommendations.

ABOUT M&T
At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. So when looking to advance your career, look to M&T. As a top 20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance based career development opportunities for talented professionals. And through our longstanding tradition of careful, conservative and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.

M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.