Career Search

Risk Process Business Analyst (Cybersecurity) - 3DHLS in Amherst, NY at M&T Bank

Date Posted: 8/10/2018

Job Snapshot

Job Description

M&T Bank

Cybersecurity Risk Business Analyst

Location: Buffalo, NY - preferred

Alternate Locations: Other locations within M&T footprint


Basic Function:
The person in this role will use their professional knowledge, skills, and experience to facilitate the prioritization and timely execution of Cybersecurity projects inclusive of the deliverables listed on approved Cybersecurity Strategy Roadmaps develop by the Cybersecurity Architect. Develops Project Charter and applies for funding. Ensures thorough understanding of functional and/or technical requirements necessary to develop comprehensive business requirements.  Oversees the development of business requirements.  Acts as project lead and liaison with Project Manager and Technical Lead to ensure business requirements are met and project meets established milestones. Adheres to the Bank’s project management methodology.  Responsible for facilitating moderately complex to complex projects from proposal through post implementation. 

Obtain a thorough understanding the Cybersecurity project queue and of the components of the Cybersecurity Roadmaps developed by the Cybersecurity Architect.  In conjunction with Subject Matter Experts, develop the associated Project Charter and comprehensive Business Requirements  and obtain estimates.  Working in conjunction with the Project Manager and Technical Lead, ensures business requirements are met and project adheres to milestones as defined in the project plan.  Uses proper judgement in the escalation of issues.  Acts as mentor to more junior staff assisting in application training, research analysis,  and project methodology consultation.


Upon receipt of estimates, apply for funding, resource allocation, and project prioritization.  Meet with Cybersecurity Management and Subject Matter Experts to discuss initiative ensuring a thorough understanding of requirements.  Chair project-level discussions with impacted departments to obtain input and feedback on requirements.  Work with vendor to gain thorough understanding of project functionality and provide insight on implementation, if applicable.


Participate in design discussions and document/deliver business requirements. 

Working directly with the assigned Project Manager, act on behalf of the Project Sponsor to complete assigned tasks.  This roles  is responsible for obtaining the funding, articulating the need and vision, establishing clear business objectives, defining project deliverables and scope and is the escalation point for decisions.


Act as business lead on moderately complex projects for Cybersecurity.  Provide mentoring and leadership to less experienced personnel.  Schedule and facilitate project team meetings as applicable.


Monitor functional specifications and change requests to ensure project stays within scope and meets regulatory requirements, while ensuring adherence to business requirements and Corporate Technology standards.  Provide recommendations to Project Sponsor for change requests and obtain approval.  Ensure the Bank process and documentation is followed to ensure adherence to Corporate Technology standards and regulatory requirements.


Ensure efficient and timely resolution of issues arising from testing or implementation to ensure expected performance.  Ensure issues, incidences, and questions are documented, reported, and resolved as required.


Assumes the role of Delivery Manager as needed.  In this role, supports Project Manager and Technology Lead with escalation of issues.  ​Oversees Vendor Management/ Relationship.  Participates and approves high-level delivery and execution strategy for project.  Participates in project oversight & governance discussions.


Coordinate and manage post-implementation by getting feedback, resolving any issues, and completing a debrief, including actual-to-plan for timeframe and financials.


Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.


Complete other related duties as assigned.


Minimum Qualifications:
2 years of college with at least eight years professional experience or an equivalent combination of education and experience.

Previous experience in two or more of the following areas: Cybersecurity, Identity & Access Management, Network Security, Cloud Technology and Security, Encryption.

Knowledge of NIST standards and controls, NIST SP800-53
SDLC experience.

Preferred Qualifications:

Bachelor degree preferred.


Strong customer-service orientation with excellent written and oral communication skills.

Previous Project Management experience.

Ability to effectively use project management, word processing and spreadsheet applications

Working knowledge of security systems and applications.

Working knowledge of the Bank's project management methodology.

Prior experience presenting to senior management.

Proven ability to recommend and implement solutions.







M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.