This role offers a hybrid work schedule providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview:   

As a key leader within M&T Bank’s Cybersecurity Governance organization, you are responsible for aligning cybersecurity policies, procedures, and controls with the Bank’s strategic objectives, regulatory obligations, and enterprise risk management framework. This role requires a strong blend of technical acumen, regulatory expertise, and leadership capability to assess, prioritize, and manage cybersecurity risks across the organization. You will drive governance initiatives, ensure compliance, and foster cross-functional collaboration to enhance the Bank’s security posture.

Primary Responsibilities:

• Strategic Governance Leadership

• Lead the development, implementation, and continuous improvement of cybersecurity governance strategies, policies, and procedures.
• Oversee governance routines and forums, ensuring alignment with enterprise risk and compliance frameworks.
• Establish and maintain processes to monitor adherence to cybersecurity policies and standards.
• Build and sustain strong partnerships across Cybersecurity, Technology, First Line Risk, and Business Risk teams to drive governance maturity.
• Analyze risk and control data to inform strategic decisions and provide actionable insights to senior leadership.
• Guide teams in the development and execution of remediation plans, ensuring timely and effective resolution of identified risks.
• Champion a culture of risk awareness and regulatory compliance across the organization.

• Audit & Compliance Oversight

• Lead the coordination and execution of responses to internal and external audits, regulatory inquiries, and risk assessments.
• Collaborate with domain owners to prepare for audits and ensure accurate, consistent documentation.
• Manage the closure of audit findings and ensure timely remediation of identified gaps.
• Maintain internal control standards and oversee implementation of audit and regulatory recommendations.

• Regulatory & Legal Alignment

• Monitor and interpret evolving regulatory requirements and industry best practices to inform governance enhancements.
• Update policies and controls in response to regulatory changes and emerging threats.
• Serve as a subject matter expert to educate and advise Cybersecurity teams and stakeholders on governance requirements.

• Metrics & Reporting

• Partner with Cybersecurity leaders to develop and refine process documentation, performance metrics, and reporting frameworks.
• Promote continuous improvement and organizational maturity through data-driven insights.
• Foster an inclusive environment that reflects M&T Bank’s values and commitment to diversity.

• Scope of Influence

• Collaborates with senior leaders across Cybersecurity, Risk, Audit, and external regulatory bodies.
• Exercises independent judgment and strategic decision-making in complex governance matters.
• Operates with significant autonomy and accountability for outcomes.

Scope of Responsibilities:

• Primary partners: CISO, Cybersecurity Directors and Senior Managers
• Stakeholders: Technology team and the Bank
• Work is accomplished with minimal direction; strategizes team goals based on Cybersecurity imperatives.
• Oversees a minimum of 2 functions/teams within Cybersecurity.
• This role may present to Regulators.
• Accountable for informing and meeting budget for functions/teams they oversee.

Education and Experience Required:

• Bachelor's degree and a minimum of 7 years’ relevant work experience, or in lieu of a degree, a combined minimum of 11 years’ higher education and/or work experience with at least 4 years in Cybersecurity or Technology.
• Advanced knowledge of cybersecurity principles, risk management, and regulatory compliance.
• Familiarity with major U.S. banking regulations and frameworks (e.g., FFIEC, GLBA, Federal Reserve guidelines).

Education and Experience Preferred:

• Proven ability to lead cross-functional initiatives with minimal direction.
• Experience conducting risk assessments, audits, and compliance reviews.
• Strong communication skills with the ability to translate technical concepts for diverse audiences.
• Demonstrated success in driving governance, risk, and compliance (GRC) activities in partnership with senior leadership.

 #LI-JB3 #Hybrid

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $130,795.52 - $217,992.53 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America