empty

Regulatory Specialist - Technology and Cybersecurity Risk

M&T Bank

Job Description

Posted on: 
November 25, 2024

Summary and company overview

Overview:

Guides the risk analysis process providing direction for risk mitigation. Collaborates with cross-functional risk, technology, cybersecurity, and business teams to enhance risk policies and contribute to organizational resilience.

Responsibilities

  • Formulate and implement risk management plans, inclusive of reporting and documentation, such as writing standards or reviewing non-compliance to standards, creating targeted risk assessments, or reporting on findings, or leading risk controls self-assessments.
  • Lead compliance efforts for respective function, ensuring adherence to industry regulations and standards through internal standards.
  • Partner strategically with cross-functional teams and senior leadership to ensure swift and effective action when events occur which are beyond or potentially beyond the Bank's risk appetite.
  • Assist with preparation and response to regulatory engagements, including preparing materials, coordinating responses from various individuals, aiding in exam management (template folders, collection of first day letter and follow-up requests).
  • Assess implications of new methodologies and recommend ways for Technology and Cybersecurity Risk leadership to innovate the risk management strategy and their integration while maintaining a proactive stance against potential risks.
  • Mentor newer analysts, fostering their professional growth and ensuring a high standard for all risk analysts within the team.
  • Recommend enhancements to Technology and Cybersecurity risk management training programs to increase technology's overall awareness and application of best practices.
  • Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
  • Promote an environment that supports diversity and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

Job Requirements

Education and Experience Required:

  • Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience
  • Demonstrated advanced knowledge of Technology and Cybersecurity risk principles
  • Minimum of 4 years' relevant work experience in or with the specific Technology and/or Cybersecurity risk area and/or Regulatory Affairs/Compliance/Risk

Education and Experience Preferred:

  • Applicable certification align to function or domain such as Certified in Risk and Information Systems Control (CRISC®), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP)
  • Proficient level of critical thinking and able to lead problem solving
  • Excellent communication and interpersonal skills
  • Experience partnering with leadership to design solutions
  • Excellent ability to strategically seek critical information, and apply to specific processes
  • Prior experience prioritizing across competing priorities and quickly changing landscape, and deliver results aligned with priorities
  • Proficient persuasive communication skills to gain buy-in of others

Additional commentary

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $97,869.52 - $163,115.87 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America

Summary and company overview

Overview:

Guides the risk analysis process providing direction for risk mitigation. Collaborates with cross-functional risk, technology, cybersecurity, and business teams to enhance risk policies and contribute to organizational resilience.

Apply now