As a Cybersecurity Solutions Cloud Architect, you will provide specialized assessment of security controls for systems and applications, primarily hosted in the Microsoft Azure environment.  You will comprehensively evaluate system and application architectures and apply deep technical expertise to understand and document the security impacts of all system components of your designs based on M&T Cybersecurity and Technology standards.  You will develop relationships with the agile teams you support, understand their requirements, and apply your advanced technical knowledge to ensure security is “baked into” all solutions your teams produce. You will advocate and advance secure practices among various enterprise IT teams through architecture reviews.  You must be a self-starter and possess superior time management skills because as much of your work requires outreach to the teams you support and managing a queue of requests with competing priorities.


You must have proven experience designing and implementing solutions that run on Microsoft Azure, with exposure to infrastructure automation and DevOps practices using Azure’s IaaS, PaaS, and SaaS capabilities.   You must have strong architecture skills in both application & infrastructure e.g., you understand the fundamental architecture principles but may not necessarily specialize in specific programming languages/technologies.  Ideally you will have held a cloud security architecture position within an organization that is mature in their cloud migration journey, and you will be able to anticipate pain points and security concerns from that experience.  You will need to be an excellent communicator, adept in articulating the bank’s standards to developers, engineers, and other architects, and are comfortable defending your design decisions noted in the auditable documentation you produce. It is also essential that you are a team player that enjoys an environment of collaboration, positive input, and continuous learning.



Primary Responsibilities:

Understand enterprise architecture including to identify security gaps, develop controls and design solutions meeting business objectives while complying with security standards.
Work in close collaboration with Engineering teams that are designing M&T’s cloud- based capabilities, along with Business aligned technical teams that are leveraging the services.
Recommend appropriate security controls to protect confidentiality, integrity and availability of customer and corporate data in line with the enterprise risk appetite.
Document and verify recommended security controls are aligned with Bank policies and standards as well as industry best practices, ensure proper documentation of exceptions to standards and/or recommend mitigating controls.
Work with business teams and Cybersecurity leadership to identify and recommend exceptions to standards for projects.
Participate in development and refinement of standards with Cybersecurity policy team.
Prepare Communicate required systems and applications security controls to owners and/or technical leads and prepare auditable documentation, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices.
Present technical information to technical and non-technical audiences to ensure business understanding of security controls and recommendations.  Present recommendations to various levels within the organization including senior management.
Communicate required systems and applications security controls to owners or technical leads, ensuring alignment with applicable laws, regulations, Bank policies and standards, as well as industry best practices.
Engage with Technology teams and management to identify security risks of proposed projects and recommend system and application modifications.
Remain current with industry trends and security threats to advise management on how to mitigate and contain risks to the business.  Prepare and deliver management level presentations to communicate trends and threats.
Mentor less experienced personnel on Cybersecurity principles and application, in relation to Bank standards.
Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite.  Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.
Education and Experience Required:

Minimum of 2 years’ higher education and 7 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience, including a minimum of 7 years’ relevant work experience
Strong knowledge of cybersecurity principles and industry best practices, relevant to confidentiality, integrity, and availability
Proven knowledge of information technology security principles and their implementation methods (e.g., firewalls, encryption, key vaults, authentication & authorization, identity governance & management. Active Directory and Azure security policies, network segmentation, privileged access, EDR, SAML, DLP, CASB, MFA, IDS/IPS, DDOS, SIEM, WAF, UBA)
Experience selecting security controls based on confidentiality, integrity, and availability requirements of systems
Experience handling multiple projects, meeting strict deadlines, and overseeing project tasks for less experienced team members