The Bank sponsors individuals for TN and H-1B transfers on a case by case basis. Please note that this position is not open to anyone on an F-1 student visa including those eligible for CPT/OPT or the Stem OPT extension.
This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.
We are seeking a highly skilled and experienced Azure Cloud Cybersecurity Product Security Specialist to join our dynamic and fast-paced cybersecurity team. In this role, you will act as a player-coach, working closely with application developers, architects, and security teams to ensure that applications are designed, developed, refactored, and re-engineered securely. The ideal candidate will have deep expertise in Azure cloud environments and will play a critical role in guiding security best practices in a highly regulated banking organization.
You will be responsible for driving secure development practices within teams, while also acting as a mentor and coach to junior security team members and developers. This is a hands-on technical leadership role where you will collaborate daily with development teams, providing both strategic guidance and practical support to ensure the security of cloud-based applications.
Hands-on Development Support: Work day-to-day with developers and DevOps teams to integrate security into the application lifecycle, including design, refactoring, and re-engineering of applications in Azure environments.
Security Best Practices: Lead the development and implementation of secure coding and development practices, including threat modeling, secure code reviews, and risk-based security assessments.
Cloud Security Expertise: Provide deep technical guidance on Azure cloud security, including identity and access management (IAM), encryption, network security, container security, and more.
Leadership & Mentoring: Act as a player-coach by leading by example in technical engagements while mentoring junior security engineers and developers on secure coding and development practices.
Compliance & Regulation: Ensure all application development meets the rigorous standards of the banking industry and adheres to regulatory requirements (e.g., FFIEC, NIST, GDPR, SOX).
Risk Management: Identify, assess, and mitigate security risks throughout the application development lifecycle, ensuring proactive measures are in place to protect sensitive data and services.
Collaboration: Work closely with cross-functional teams including product owners, system architects, and infrastructure teams to ensure security is built into the organization’s cloud solutions from the ground up.
Security Automation: Champion the use of automation in security testing, secure CI/CD pipelines, and DevSecOps practices to enhance security posture and streamline processes.
Incident Response: Be part of the team that develops response protocols for application security incidents and helps manage incident resolution, including root cause analysis and remediation.
Continuous Improvement: Stay up-to-date on emerging security threats, Azure security features, and regulatory changes to continuously improve the security of applications and systems.
Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.
Combined minimum of 10 years’ higher education and/or experience in systems design, management, and/or architecture
Thorough understanding of the system development and infrastructure lifecycle and architecture, vendor best practices, IT Service Management, and systems design
Bachelor’s degree in Computer Science or Computer Engineering
Minimum 10 years’ professional experience in a technical engineering position involving infrastructure design technologies, data management and interchange, system design and/or development for complex applications
Ability to translate complex business/functional requirements into structured high quality implementations using any variety of industry standard approaches
Demonstrated ability to develop alternative solutions to complex problems and recommend the best solution to the technology business, and project teams
Advanced technical skills
Advanced analytical skills
Advanced troubleshooting skills
Advanced problem solving skills
#LI-JB3 #Hybrid
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $130,795.52 - $217,992.53 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.