The Bank sponsors individuals for TN and H-1B transfers on a case by case basis. Please note that this position is not open to anyone on an F-1 student visa including those eligible for CPT/OPT or the Stem OPT extension.

　　This role offers a hybrid work schedule; offering the flexibility to work from home two days a week, while providing the opportunity for in-person collaboration.

　　This position is available in Buffalo, NY

　　About M&T Bank

　　At M&T Tech, we’re a team of makers, doers, and builders, working to create the most advanced technology solutions in banking. We’re not your stereotypical suit and tie bankers: we’re an innovative team of leading tech experts, pushing boundaries, and taking risks. We’re building an agile team of the most skilled and creative workers to solve complex problems, architect solutions, write high-performance software, and chart our new path, all to make the lives of our customers, and the communities that we serve, better. Join us and be part of something new as we build tomorrow’s bank, today.

　　Job Description Summary:

　　Coordinates with Cybersecurity teams, stakeholders, and leadership to provide framework, design, threat, posture analysis, and reporting.

　　Provides advice for Disaster Recovery, Contingency and Continuity of Operations Plans.

　　Provide designs, solutions, and highly technical direction in development of new or existing programs.

　　Using analytical skills, technical skills, available technology, and tools, serves as principal application designer for major modifications in evaluation of client requirements and processes.

　　Expectations:

　　Complete daily support activities and participate in special projects

　　Provide technologically sound solutions

　　Acts as a mentor to team peers

　　Primary Responsibilities:

　　Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources and develop proactive solutions to maintain or improve security posture.

　　Support development, implementation and execution of various operational risk and compliance-related initiatives, systems, and processes.

　　Assist in providing centralized governance, compliance and risk management expertise to business lines, support functions and managers concerning information security and privacy regulatory compliance and/or risk management and Information Technology and Bank Operations on applicable information security and privacy regulations concerning financial institutions.

　　With collaboration from senior team members, provide guidance, testing plans and/or survey documents used by business units ensuring conformance to established compliance, regulatory, best practice and risk management programs.

　　Identify potential conformance issues, review with supervisor or senior professionals and provide to functional areas requiring improvements.

　　Responsible for extensive contact with Operations, Technology and business unit personnel in a training and auditing capacity.

　　Support functions, systems and processes critical to meet regulatory, legal and risk mitigation requirements and reduce risk of fines and penalties resulting from non-compliance impacting profitability.

　　Interact with various internal and external audit and regulatory examination personnel.

　　May assist with replies to questionnaires sent to the Bank and follow-up on questions or comments to external agencies when required.

　　Provide guidance and mentoring to less experienced team members up to and including development and training efforts.

　　Responsible for regular interaction with middle management, supervisors, associated staff, Internal Audit, Compliance, Risk Management, the Corporate Information Security Officer (CISO), Chief Counsel's Office (CCO), and/or other technology personnel, clients and vendors.

　　May interact, coordinate, and lead initiatives with internal and outside teams and external professional organizations supporting areas of expertise.

　　Oversee documentation and communication efforts through proposed new approaches, methods, technologies, or breakthroughs in area of expertise and coordinate efforts with less experienced team members to ensure accuracy and timeliness.

　　May conduct, oversee, and lead governance, compliance and risk management functions, ad-hoc projects as a technical representative and subject matter expert (SME) on information security as assigned.

　　Oversee, coordinate, and leads activities of other team members on projects ranging in scope from small to large, with prior project lead activities.

　　Monitor staff performance on assigned projects with regard to overall abilities and effectiveness in completing projects within schedules and provides oversight and guidance to ensure timely and accurate project completion.

　　Provide backup to higher management and may act on behalf or as a surrogate leader as required.

　　Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.

　　Promote an environment that supports diversity and reflects the M&T Bank brand.

　　Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

　　Complete related duties as the role of this position grows.

　　Common Activities:

　　Review daily network events in the network Intrusion Prevention System to find and implement tuning opportunities as well as emerging threats to prevent.

　　Expand network Intrusion Prevention System applicability and feature set.

　　Review firewall rules submitted by application teams representing the business to ensure they meet Cybersecurity Standards and best practices.

　　Continuously improve the firewall rule rubric in observance and comparison to the current implementation's business risk.

　　Automate the firewall rule review process to reduce manual review efforts and allow scalability as business needs increase.

　　Assist with the onboarding of IPS and Firewall events into an enterprise Security Information and Event Management (SIEM) system.

　　Education and Experience Required:

　　Associates’ degree in an applicable discipline and a minimum of 6 years’ relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations, or in lieu of a degree; a combined minimum of 8 years’ higher education and/or work experience, including a minimum of 6 years’ relevant experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations

　　Understanding of the System Development Life Cycle (SDLC), networking concepts and protocols, and network security methodologies

　　Experience researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning

　　Detailed technical experience with mainframe, distributed computing environments and network security architecture concepts including topology, protocols, components and principles

　　Prior experience and demonstrated aptitude for quickly learning multiple new technical skills and supporting multiple systems, tools and processes

　　Experience actively leading complex problem and technical analysis walkthroughs

　　Detailed technical experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), attack methodologies and traffic flows for threats and vulnerabilities.

　　Detailed technical knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

　　Experience acting as a surrogate team leader to assign, review, evaluate and prioritize team efforts.

　　Education and Experience Preferred:

　　Bachelor’s degree in an applicable discipline

　　Experience with the Bank's application development support software and hardware platforms

　　Experience introducing application development alternatives through an understanding of client area function and deliverable requirements for current and future-state planning.

　　Extensive technical experience with mainframe, virtual, and/or distributed computing environments

　　CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CRISC (Certified Risk and Information Systems Control) certification and one or more Cybersecurity domain-related industry-recognized certification or concentration specialties

　　Experience supporting multiple systems, tools, and processes.

　　M&T Bank is a Top 11 US bank holding company and one of the best performing and financial stable regional banks in the country, we offer our technology employees a wide range of performance-based career development opportunities. We have a strong commitment to our customers and the communities we serve, and we continue to grow with a focus on the future. So, when looking to advance your career, look to M&T. Grow with us.

　　.

　　We support our team members with generous benefits.

　　Competitive compensation

　　Health, welfare, and retirement benefits

　　401(k) match at 5%

　　Work-life balance and flexible work arrangements

　　Up to 25 days PTO plus 12 paid holidays

　　#MTBTechCareers, #MTBCareers #MTBTechLife & #MTBTechHub #CybersecurityJobs #InfosecJobs #CybersecurityCareer #Hiring #JobOpening #ITJobs #TechJobs #CISSP #Cybersecurity

　　#cybersecuritysolutions #cybersecurityarchitecture #securitymanagement #informationsecurity #cybersecurityleadership #securitysolutions #cybersecuritystrategy #cybersecuritymanagement #securearchitecture #ITsecuritysolutions #networksecurity #cybersecurityprofessional #securityconsulting #securityassessment #cybersecurityteam #riskmanagement #datasecurity #cloudsecurity #cybersecurityawareness #cybersecurityexpert

　　M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $110,635.01 - $184,391.68 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

　　Location:

　　Buffalo, New York, United States of America

　　M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer, including disabilities and veterans.