This role offers a hybrid work schedule at our Wilmington, DE Tech Hub.
Overview:
Supports an assigned portfolio through secure architect and design of comprehensive solutions to meet product needs ensuring secure controls for systems and applications. Works collaboratively with other Cybersecurity Architects to assist in the creation of solutions that align to architecture standards and principles, leveraging common solutions and services, while meeting financial targets and ensuring alignment with enterprise risk appetite.
Primary Responsibilities:
- Collaborate with peers, Cybersecurity, and Technology teams on the design, build, testing and secure deployment of technology solutions.
- Collaborate with engineers and Technology architects to understand business drivers and capabilities, future and current state, and determine corresponding secure solution designs in partnership with Cybersecurity team.
- Produce, enhance, and refine conceptual, logical, and physical solution architecture for strategic initiatives ensuring systems are aligned with organizational security strategy.
- Work with technology subject matter experts to articulate the value and tradeoff of the secure architecture solution options.
- Partner with team to create security architecture standards and evaluate the quality and compliance of delivered solutions to ensure alignment with those standards.
- Collaborate with stakeholders on initiatives in Agile team ceremonies to ensure secure design and execution are incorporated into technologies.
- Ensure that acquired or developed systems and architectures are consistent with organization's cybersecurity architecture guidelines and external regulations.
- Lead improvement initiatives within assigned portfolio, implementing best practices and optimizing processes to enhance security capabilities
- Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
- Promote an environment that supports belonging and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Scope of Responsibilities:
- Partners with individual contributors and leaders within Cybersecurity and Technology, and occasionally senior leaders within Cybersecurity
- Exercises judgement in selecting methods, techniques, and criteria in executing objectives. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
- Advanced ability to use multiple Cybersecurity and Technology tools, platforms, and/or technology stacks, specific to function
Supervisory/Managerial Responsibilities:
No supervisory responsibilities.
Education and Experience Required:
- Bachelor’s degree and 5 years of relevant work experience, or in lieu of a degree, a combined minimum of 9 year's higher education and/or relevant work experience
- Prior experience in cybersecurity engineering, cybersecurity architecture, and/ or enterprise architecture
- Prior experience in partnering with application development teams including Secure Development Life Cycle (SDLC), development and operations (DevOps), and Agile development practices
Education and Experience Preferred:
- Graduate degree in technical discipline
- Industry recognized certification in programming languages, cybersecurity, and/or cloud technologies/providers
- Minimum of 5 years' work experience in Cybersecurity or technical domains
- Minimum of 5 years' work experience in an Agile environment
- Minimum of 3 years' work experience in a DevOps environment
- Minimum of 2 years' work experience in a cloud environment with infrastructure as code
- Minimum of 3 years' work experience with secure development methodologies, such as Software Development Life Cycle (SDLC) and DevSecOps
- Demonstrated experience working in a highly regulated industry (e.g., finance, healthcare, government) and advanced understanding of pertinent regulatory framework
- Working knowledge of third party risk management, software as a service, and similar concepts
- Advanced knowledge of orchestration, containerization, and virtualization
- Experience establishing, developing and/ or re-engineering program capabilities and practices
- Advanced understanding of the security system development and infrastructure lifecycle and architecture, and systems design
- Intermediate understanding of legacy infrastructure and cloud based environments
- Strong ability to analyze and draw reliable conclusions based on large volumes of quantitative data from diverse sources
- Demonstrated ability to translate architecture into technical requirements
- Excellent communication and interpersonal skills
- Experience partnering with leaders to design solutions to business needs
- Proficient persuasive communication skills to gain buy-in of others
- Ability to effectively serve in an indirect leadership role
Location
Wilmington, Delaware, United States of America