Career Search

Senior Auditor IT – Enterprise Security (Cyber, Physical, BCP/DR) - 3DJO1 in Buffalo, NY at M&T Bank

Date Posted: 9/11/2018

Job Snapshot

Job Description

Senior Auditor IT – Enterprise Security (Cyber, Physical, BCP/DR)
Buffalo, NY


Opportunity:
This position is responsible for the execution of internal audit examinations over the Bank’s cybersecurity, physical security, privacy and business continuity management programs ensuring the timely and professional execution of the examinations in accordance with professional standards.   
Responsibilities:
  • Plan and coordinate the execution of audit examinations and validation procedures in accordance with the Internal Audit Department’s audit methodology and professional standards.  Work with the Cybersecurity Audit team to establish appropriate budgets and timeframes for these examinations; 
  • Independently document and communicate recommendations to Bank Management in order to improve internal controls and reduce risk to the organization;
  • Responsible for becoming familiar with the organization’s cybersecurity program and cyber risk management practices to assess whether collectively the program effectively addresses cyber threats to the organization;
  • Working with the Cybersecurity Audit team to keep abreast of emerging cyber threats and risks both within and outside of the organization, and apply gained knowledge to audit practices;
  • Directly communicate with Middle and Line Management to discuss audit approach, identified risks, and proposed recommendations; and
  • Maintain ongoing communication with the 1st and 2nd line Cybersecurity Risk Management/Oversight organizations to align assurance activities, share risk information, etc.

Minimum Qualifications:
Bachelor’s Degree in a related field, preferably Computer Science or Management Information Systems. 4 years of relevant professional work experience (i.e. auditing/banking/technology) or in lieu of education 8 years of relevant experience.  
General knowledge of audit theory, banking industry, or related technologies. 
Relevant professional certification, or actively pursuing professional certification. 
 
Ideal Qualifications:
  • Experience in cybersecurity auditing (preferably in the banking/financial services sector);
  • Understanding of security risks specific to cloud computing and digital banking
  • Knowledge of information security/cybersecurity frameworks/standards such as ISO 27001 and NIST standards (inclusive of the Cybersecurity Framework);
  • Understanding of cybersecurity risk governance and cybersecurity risk management concepts;
  • Excellent verbal and written communication skills;
  • Proven ability in managing multiple audits, projects and initiatives simultaneously under tight deadlines;
  • Proven leadership skills, with the ability to develop and motivate teams;
  • Strong PC skills; and
  • Strong organizational and resource management skills


ABOUT M&T
At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. So when looking to advance your career, look to M&T. As a top 20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance based career development opportunities for talented professionals. And through our longstanding tradition of careful, conservative and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.