Principal Specialist - Technology and Cybersecurity Risk - Canada
Remote, Canada
M&T Bank
With a community bank approach, M&T Bank helps people reach their personal and business goals with banking, mortgage, loan and investment services.
Overview:
Leads risk analysis for the most complex initiatives, influencing and designing overarching risk framework and providing expert guidance to senior leadership for informed decision-making aligned with organizational imperatives.
Primary Responsibilities:
- Develop and implement strategic risk framework ensuring comprehensive coverage of all technology capabilities.
- Lead execution of strategic risk management framework and program that aligns practices with business objectives and regulatory requirements, including (but not limited to) developing complex process maps, responses to regulatory bodies and audit, and summary of complex findings.
- Optimize and implement frameworks, providing expert guidance and leading transformative efforts to achieve industry-leading technology risk compliance.
- Spearhead collaboration among cross-functional teams across the Bank and executive leadership to align technology practices with overarching business goals and regulatory requirements; maintain productive relationships with external stakeholders and/or with third-party engagements to ensure resiliency of Technology, Cybersecurity, and the overall Bank.
- Oversee preparation and response to regulatory engagements; may act as subject matter expert in regulatory meetings.
- Lead integration of advanced or complex risk management methodologies to drive innovation and to address evolving threats.
- Mentor and coach team members within department, fostering their professional growth and ensuring a high standard for all risk analysts within the team.
- Influence design and delivery of training programs to strengthen the Technology and Cybersecurity Risk function and enhance the ability to effectively manage technology and cybersecurity risk.
- Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Scope of Responsibilities:
- This position primarily interacts with senior people leaders within the Technology and Cybersecurity teams, senior people leaders of Technology and Cybersecurity Risk, and across the bank, and internal partners such as Enterprise and Operational Risk, Internal Audit, Regulatory Affairs.
- Work is accomplished with periodic direction. The position exercises judgement in the majority of aspects of their role. It exerts significant latitude in determining strategy of approach and takes calculated risks with consultation from expert.
- This role may present to Regulators under the direction of senior Technology and Cybersecurity Risk leaders.
Supervisory/Managerial Responsibilities:
No supervisory responsibilities.
Education and Experience Required:
- Bachelor's degree and a minimum of 9 years’ relevant work experience, or in lieu of a degree, a combined minimum of 13 years’ higher education and/or work experience
- Demonstrated expert knowledge of Technology and Cybersecurity risk principles
- Minimum of 8 years' relevant work experience in and/or with the specific risk area and/or business unit
Education and Experience Preferred:
- Master's degree in Information Technology, Computer Science, Cybersecurity, Law, Business Administration, or related field
- Applicable certification align to function or domain such as Certified in Risk and Information Systems Control (CRISC®), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP)
- Demonstrated ability to indirectly lead strategic direction of team
- Excellent communication and interpersonal skills; proven ability to effectively convey message to technical and business leaders
- Experience partnering with leadership to design solutions aligned with business needs
- Excellent ability to strategically seek critical information, and apply across a broad array of processes
- Prior experience prioritizing across competing priorities and quickly changing landscape, and execute outcomes aligned with priorities
- Experience effectively influencing senior leaders
- Excellent mentoring and leadership capabilities
Physical Requirements:
LocationToronto, Ontario, Canada* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Job stats:
4
0
0
Category:
Compliance Jobs
Tags: CISA CISM CISSP Compliance Computer Science CRISC Risk analysis Risk management RMF Strategy
Perks/benefits: Startup environment
Regions:
Remote/Anywhere
North America
Country:
Canada
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Cloud Security Engineer jobsSenior Security Analyst jobsInformation System Security Officer jobsInformation Security Manager jobsInformation Security Specialist jobsSenior Cybersecurity Engineer jobsSenior Network Security Engineer jobsSecurity Consultant jobsIT Security Engineer jobsCyber Security Specialist jobsSecurity Specialist jobsSenior Penetration Tester jobsSenior Information Security Analyst jobsSenior Cyber Security Engineer jobsChief Information Security Officer jobsInformation System Security Officer (ISSO) jobsSystems Engineer jobsIT Security Analyst jobsSystems Administrator jobsPrincipal Security Engineer jobsCloud Security Architect jobsSenior Product Security Engineer jobsStaff Security Engineer jobsSecurity Operations Analyst jobsCybersecurity Specialist jobs
Forensics jobsCI/CD jobsKubernetes jobsEncryption jobsSDLC jobsIDS jobsSaaS jobsSplunk jobsEDR jobsIPS jobsBash jobsOWASP jobsRMF jobsSQL jobsTop Secret jobsIntrusion detection jobsCompTIA jobsThreat detection jobsFinance jobsITIL jobsDocker jobsDoDD 8570 jobsCRISC jobsActive Directory jobsVPN jobs
OSCP jobsGIAC jobsBanking jobsTCP/IP jobsUNIX jobsHIPAA jobsTerraform jobsSANS jobsClearance Required jobsSOX jobsIT infrastructure jobsMITRE ATT&CK jobsSOC 2 jobsCISO jobsIndustrial jobsJavaScript jobsDNS jobsCCSP jobsData Analytics jobsJira jobsPolygraph jobsAnsible jobsSOAR jobsSecurity strategy jobsCyber defense jobs