This role offers a hybrid work schedule, with the flexibility to work remotely two days a week and the opportunity for in-person collaboration.
**This position is available in Buffalo, NY**
About M&T Bank:
At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. So when looking to advance your career, look to M&T. As a top 20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance-based career development opportunities for talented professionals. And through our longstanding tradition of careful, conservative, and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.
As a Cybersecurity Solutions Cloud Architect, you will be part of a cross-functional team of Security Architects and Security Engineers who are working to design & build M&T’s cloud environments. The primary focus is on Microsoft Azure. Your specific role on the team is to determine necessary security controls based upon a risk-based assessment of the systems and applications being deployed. You will comprehensively evaluate proposed architectures to determine and document the security impacts of all system components. This evaluation will be based on M&T supported Standards and Security Control Frameworks. You will develop relationships with the agile teams you support, understand their requirements, and apply your advanced technical knowledge to ensure security is ‘baked into’ all solutions these teams produce. You will advocate and provide guidance on secure practices among various enterprise IT teams through architecture reviews.
You must have proven experience designing and implementing solutions that run on Microsoft Azure, with exposure to infrastructure automation and DevOps practices using Azure’s IaaS, PaaS, and SaaS capabilities. You must have strong architecture skills in both application & infrastructure; that is, you understand the fundamental architecture principles but may not necessarily specialize in specific programming languages/technologies. Ideally you will have held a cloud security architecture position within an organization that is mature in its cloud migration journey, and you will be able to anticipate pain points and security concerns from that experience. You will need to be an excellent communicator, adept in articulating the bank’s security posture to developers, engineers, and other architects. It is essential that you are a team player who enjoys an environment of collaboration, positive input, and continuous learning.
- Work in close collaboration with Engineering teams that are designing M&T’s cloud-based capabilities, along with Business aligned technical teams that are leveraging the services.
- Identify policies that support required controls and determine how they can be systematically enforced and incorporated into a Continuous Monitoring program.
- Evaluate and help develop security patterns using the systematically enforced policies. Provide guidance to application development teams on incorporating these repeatable patterns into their designs.
- Understand enterprise architecture to identify security gaps, develop controls and design solutions meeting business objectives while complying with security standards.
- Recommend appropriate security controls to protect confidentiality, integrity and availability of customer and corporate data in line with the enterprise risk appetite.
- Document and verify recommended security controls are aligned with Bank policies and standards as well as industry best practices; ensure proper documentation of exceptions to standards and/or recommend mitigating controls.
- Communicate required systems and applications security controls to owners and/or technical leads and prepare auditable documentation, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices.
- Present technical information to technical and non-technical audiences to ensure business understanding of security controls and recommendations. Present recommendations to various levels within the organization including senior management.
- Communicate required systems and applications security controls to owners or technical leads, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices.
- Engage with Technology teams and management to identify security risks of proposed projects and recommend system and application modifications.
- Remain current with industry trends and security threats to advise management on how to mitigate and contain risks to the business. Prepare and deliver management level presentations to communicate trends and threats.
- Mentor less experienced personnel on Cybersecurity principles and application, in relation to Bank standards.
- Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Education and Experience Required:
- Minimum of 2 years’ higher education and 7 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience, including a minimum of 7 years’ relevant work experience
- Strong knowledge of cybersecurity principles and industry best practices, relevant to confidentiality, integrity, and availability
- Proven knowledge of information technology security principles and their implementation methods (e.g., firewalls, encryption, key vaults, authentication & authorization, identity governance & management, Active Directory and Azure security policies, network segmentation, privileged access, EDR, SAML, DLP, CASB, MFA, IDS/IPS, DDoS, SIEM, WAF, UBA)
- Experience selecting security controls based on confidentiality, integrity, and availability requirements of systems
Education and Experience Preferred:
- Bachelor's degree
- CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CRISC, or Cybersecurity domain-related industry-recognized certification
- Cloud computing certifications including Azure Security Engineer (AZ-500), Azure Solutions Architect (AZ-303, AZ-304) and Azure Network Engineer (AZ-700).
- Certification or working knowledge of AWS and Google Cloud Platform would also be of value.
- Knowledge of Risk Management and MITRE ATT&CK frameworks
- Knowledge of compliance monitoring solutions such as Netskope or Palo Alto Prisma
- Working knowledge of Agile methodology
- Knowledge of organizational security policies, standards, and procedures
- Working knowledge of project management methodology
- Knowledge of organization's risk tolerance and/or risk management approach
- Strong knowledge of security technologies and architecture, including encryption, cloud network security design, role-based access control, perimeter security and application security
- Knowledge of Cybersecurity threats
- Knowledge of emerging security issues
- Knowledge of risk management framework requirements
- Knowledge of security assessment and authorization process
- Experience developing or recommending analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists
- Experience conducting security reviews of systems
- Working knowledge of the current version of the NIST (National Institute of Standards & Technology) SP800-53 Controls, or other recognized control frameworks, such as COBIT (Control Objectives for Information and Related Technology) or ISO
- Knowledge of the Consensus Assessment Initiative Questionnaire (CAIQ) and/or Cloud Security Alliance Cloud Controls Matrix (CCM).
M&T Bank is a Top 11 US bank holding company and one of the best performing and financially stable regional banks in the country. We offer our technology employees a wide range of performance-based career development opportunities. We have a strong commitment to our customers and the communities we serve, and we continue to grow with a focus on the future. So, when looking to advance your career, look to M&T. Grow with us.
We support our team members with generous benefits.
- Competitive compensation
- Health, welfare, and retirement benefits
- 401(k) match at 5%
- Work-life balance and flexible work arrangements
- Up to 25 days PTO plus 12 paid holidays
Buffalo, New York, United States of America