THIS ROLE WILL BE HYBRID 4 DAYS/WEEK (1 DAY REMOTE) OUT OF: BUFFALO NY, BRIDGEPORT CT, ISELIN NJ, or WILMINGTON DE. MUST BE WITHIN A COMMUTABLE DISTANCE OR WILLING TO RELOCATE

Overview:

• Leads and executes audits over the Bank’s Cybersecurity and Information Technology (IT) functions. Responsible for overseeing and executing annual risk assessments, audit examinations, continuous auditing & monitoring, and remediation plan validations.  Communicate audit progress and findings to Bank management and oversee Auditors (as applicable) on assigned audit activities.  

Primary Responsibilities:

• Lead and participate in audits from planning to reporting and produce quality deliverables in accordance with the Division’s methodology and professional standards while ensuring timely completion.
• Plan and execute other assurance activities (including continuous monitoring & auditing, product delivery assessments, validation procedures, investigations, and retrospective reviews) utilizing modernized assurance methodologies, tools, and approaches and in accordance with the Division’s methodology.
• Write audit findings that clearly identify risk and root cause.  Communicate findings to Bank management in a timely fashion.
• Partner with stakeholders, business management and Risk Management establishing strong working relationships while maintaining independence.
• Embrace innovative change and help the team adapt to change.
• Effectively incorporate data analytics and other automation techniques into all phases of audits and other activities.
• Maintain knowledge in the assigned subject matter discipline.
• Coach, develop and oversee work of Auditors and new hires, including executing review and supervision.
• Embrace and exemplify the culture of engagement and belonging.
• Contribute to the achievement of Division priorities.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite.  Identify risk-related issues needing escalation to management.
• Promote an environment that supports belonging and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Scope of Responsibilities:

• This position leads and executes assurance activities, maintains relationships, and communicates with Bank management, and oversees Auditors.  The position ensures activities are in conformance with professional auditing standards.  The jobholder reports to an Audit (Senior) Manager.

Supervisory/Managerial Responsibilities:

Education and Experience Required:

• Bachelor’s degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience, including a minimum of 5 years’ relevant work experience
• Experience with internal audit methodology
• Solid understanding of internal control concepts
• Experience evaluating adequacy of controls
• Experience coaching and developing others
• Proven analytical skills
• Proven critical thinking skills
• Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
• This individual must be an articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style.

Education and Experience Preferred:

• Bachelor’s degree in Accounting, Business, Finance, Technology, Cybersecurity, Mathematics, Statistics, or related technical field
• MBA or Master’s Degree in an appropriate field
• Related professional certifications (CIA, CPA, CISA, CISSP, cloud certification, or similar)
• Financial services industry experience
• Strong experience in cybersecurity and infrastructure auditing (preferably in the banking/financial services sector)
• Working knowledge of cloud computing risks and related controls frameworks
• Working knowledge of modern delivery practices and supporting tech (agile, DevOps tools, etc.)
• Understanding of regulatory requirements as they relate to cybersecurity and technology in the financial services industry

#LI-RS1

Location