Cybersecurity Insider Threat Risk Analyst

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview:   

Cybersecurity Insider Threat (CIT) Risk Analysts play a crucial role in identifying, assessing, and mitigating risks by understanding critical business operations, the workflows associated to those operations, and the access to systems and data required to perform the necessary operations. Their responsibilities focus on evaluating potential risks posed by employees, contractors, and trusted third parties and developing strategies to reduce the impact of these threats. Their understanding of the evolving footprint of M&T Bank (critical businesses, mergers and acquisitions, cost saving initiatives, regulatory changes and requirements, etc.) is required for the continuous improvement of the Cybersecurity Insider Threat Program (CITP).

Primary Responsibilities:

• Create policies and processes to assist Cybersecurity with consistently monitoring and securing organization.
• Participate in the development, review, and update of strategies, policies and procedures pertaining to various governance areas.
• Research and analyze industry best practices and regulatory requirements and make recommendations for policy enhancements to improve resiliency and security of organization.
• Maintain and implement systems and processes for monitoring compliance to policies and procedures and identifying data for daily business management.
• Analyze and produce insightful reports with recommendations for Cybersecurity senior leadership.
• Partner with Cybersecurity, Technology, and First Line Risk teams and, at times, business lines to proactively mitigate risk through creation of robust policies and procedures.
• Coordinate responses to audit and regulatory requests, by gathering data and actively participating in documentation reviews for accuracy.
• Collaborate with Cybersecurity teams and managers to create process documentation, reporting, and performance metrics.
• Coordinates various aspects of remediation activities by tracking team completion and drafting key actions, timeline, and communication plan.
• Build relationships among stakeholders in Cybersecurity teams to ensure successful creation and implementation of processes.
• Serve as a resource to Cybersecurity teams and managers to educate and assist with projects.

• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
• Promote an environment that supports diversity and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Scope of Responsibilities:

• Partners with peers, manager, Cybersecurity team and leadership, First Line Risk team, Internal Audit team, and external auditors
• Determines and develops approach to solutions. Work is evaluated upon completion to ensure objectives have been met. Work is accomplished with periodic check-ins for alignment and limited direction.
• Working knowledge of multiple cybersecurity platforms and applications within function

Education and Experience Required:

• Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience inclusive of a minimum 2 years’ work experience in Cybersecurity, Technology, or Risk/Audit
• Demonstrated intermediate knowledge of cybersecurity principles and compliance requirements.

Education and Experience Preferred:

• Working knowledge of multiple cybersecurity platforms and applications within function
• Proficient level of thinking critically and solving problems
• Excellent written and verbal communication skills
• Proven experience collaborating with leaders to execute results.
• Demonstrated intermediate knowledge of technology risk principles and compliance requirements
• Demonstrated ability to translating technical requirements into clear policies and procedures.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $93,581.10 - $155,968.51 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

LocationBuffalo, New York, United States of America