Internal Audit: IT Lead Auditor - Cybersecurity

About The Position

Requirements

• Bachelor’s degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience, including a minimum of 5 years’ relevant work experience
• Experience with internal audit methodology
• Solid understanding of internal control concepts
• Experience evaluating adequacy of controls
• Experience coaching and developing others
• Proven analytical skills
• Proven critical thinking skills
• Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
• This individual must be an articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style.

Nice To Haves

• Bachelor’s degree in Accounting, Business, Finance, Technology, Cybersecurity, Mathematics, Statistics, or related technical field
• MBA or Master’s Degree in an appropriate field
• Related professional certifications (CIA, CPA, CISA, CISSP, cloud certification, or similar)
• Financial services industry experience
• Strong experience in cybersecurity and infrastructure auditing (preferably in the banking/financial services sector)
• Working knowledge of cloud computing risks and related controls frameworks
• Working knowledge of modern delivery practices and supporting tech (agile, DevOps tools, etc.)
• Understanding of regulatory requirements as they relate to cybersecurity and technology in the financial services industry

Responsibilities

• Lead and participate in audits from planning to reporting and produce quality deliverables in accordance with the Division’s methodology and professional standards while ensuring timely completion.
• Plan and execute other assurance activities (including continuous monitoring & auditing, product delivery assessments, validation procedures, investigations, and retrospective reviews) utilizing modernized assurance methodologies, tools, and approaches and in accordance with the Division’s methodology.
• Write audit findings that clearly identify risk and root cause.
• Communicate findings to Bank management in a timely fashion.
• Partner with stakeholders, business management and Risk Management establishing strong working relationships while maintaining independence.
• Embrace innovative change and help the team adapt to change.
• Effectively incorporate data analytics and other automation techniques into all phases of audits and other activities.
• Maintain knowledge in the assigned subject matter discipline.
• Coach, develop and oversee work of Auditors and new hires, including executing review and supervision.
• Embrace and exemplify the culture of engagement and belonging.
• Contribute to the achievement of Division priorities.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite.
• Identify risk-related issues needing escalation to management.
• Promote an environment that supports belonging and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Benefits

• medical
• retirement
• forty hours of paid volunteer time, each year