Senior Analyst - Technology and Cybersecurity Risk

$82,783 - $137,972/Yr

M&T Bank - Buffalo, NY

posted 7 days ago

Full-time
Buffalo, NY
Credit Intermediation and Related Activities

About the position

The Senior Analyst - Technology and Cybersecurity Risk at M&T Bank is responsible for executing security assessments to evaluate the effectiveness of cybersecurity controls. This role involves conducting vendor reviews, assessing security gaps, and ensuring compliance with the Bank's risk appetite. The analyst will prepare documentation, present findings to management, and mentor less experienced personnel while remaining current with industry trends and threats.

Responsibilities

  • Understand the enterprise and/or third party security architecture to identify security gaps.
  • Assess security controls to ensure protection of the confidentiality, integrity and availability of customer and corporate data.
  • Review effectiveness of security controls on an ongoing basis to determine whether the risk remains acceptable.
  • Prepare required systems and applications cybersecurity documentation within established SLAs, ensuring alignment with laws, regulations, and best practices.
  • Conduct and document security control assessments and reassess remediated controls when applicable.
  • Present technical information to technical and non-technical audiences to ensure understanding of security control results.
  • Accompany senior leadership on third party onsite visits, documenting results and presenting findings to risk committees.
  • Partner with lines of business to ensure cybersecurity documentation is completed and monitoring requirements are fulfilled.
  • Engage with Technology teams to identify security risks of proposed third party environments and recommend modifications.
  • Identify and present risk-related issues requiring escalation to management.
  • Remain current with industry trends and security threats to advise management on risk mitigation strategies.
  • Mentor less experienced personnel on Cybersecurity principles and application.
  • Promote an environment that supports diversity and reflects the M&T Bank brand.
  • Maintain internal control standards, including timely implementation of audit points and issues raised by regulators.

Requirements

  • Associates' degree and a minimum of 5 years' relevant work experience, or a combined minimum of 7 years' higher education and/or work experience including 5 years' relevant work experience.
  • Previous experience with NIST or Cybersecurity frameworks, particularly NIST 800-53 and 800-53a.
  • Strong knowledge of cybersecurity principles and industry best practices.
  • Proven knowledge of information technology security principles and implementation methods.
  • Skill in evaluating security controls based on confidentiality, integrity and availability requirements of systems.
  • Experience with handling multiple projects and meeting strict deadlines.
  • Experience overseeing project tasks for less experienced team members.

Nice-to-haves

  • Bachelor's degree
  • Active CISA, CAP, CISSP, CISM, or CRISC certification or related industry-recognized certification.
  • Working knowledge of NIST SP800-53 and 800-53a Controls or other recognized control frameworks.
  • Knowledge of organization's risk tolerance and risk management approach.
  • Working knowledge of project management methodology.
  • Strong knowledge of security technologies and architecture, including encryption and cloud network security design.
  • Knowledge of Cybersecurity threats and emerging security issues.
  • Experienced in conducting security control testing of systems.

Benefits

  • Competitive pay range of $82,783.41 - $137,972.36 Annual (USD).
  • Equal Opportunity/Affirmative Action Employer, including disabilities and veterans.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service