This role is four days onsite at our Wilmington, DE Tech Hub location, with the flexibility to work from home one day per week
Responsible for analyzing, developing, and monitoring compliance with complex cybersecurity IAM policies, procedures, and best practices. Develop new and enhance existing processes and governance that prioritize resiliency and security of organization.
Provide governance leadership across common IAM platforms (e.g., SailPoint, Azure AD / Entra ID, CyberArk, PAM solutions).
Define expectations for birthright access, role models, entitlement management, and certification strategies.
Ensure governance models are tool aware but tool agnostic, scalable, and not overly reliant on manual effort.
Lead governance strategy for cloud identity, including Azure AD / Entra ID, RBAC, conditional access, and privileged role governance.
Establish guardrails and standards for cloud-native access models, hybrid identity, and federated access.
Serve as a senior advisor during complex access decisions, risk exceptions, and enterprise initiatives.
Stay ahead of emerging risks in the workforce IAM space, including non human identities (NHI), AI/service accounts, cloud privilege sprawl, and over entitlement.
Proactively identify control gaps and recommend governance enhancements.
Contribute to IAM roadmaps, tooling strategy, and long term modernization efforts.
Prepare reports through gathering, analyzing and summarizing data and information; prepares presentation materials for senior leadership reports.
Partner with appropriate teams and leadership, First Line Risk, and Internal Audit to proactively mitigate risk through creation and enhancement of comprehensive policy framework.
Execute comprehensive response to internal audit and regulatory requests, refining processes for efficiency and accuracy.
Partner with Cybersecurity teams and managers to ensure process documentation, reporting, and performance metrics continuously improve with organizational maturity.
Create remediation plans and supports team implementation, providing guidance to teams to ensure comprehensive execution against key actions and milestones.
Foster strong partnerships with stakeholders in Cybersecurity teams to ensure successful development and implementation of the governance framework.
Recommend key actions and milestones in project plan and leads execution of specification project milestones.
Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
Promote an environment that supports belonging and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.
Partners with peers, manager, Cybersecurity team and leadership, First Line Risk team, Internal Audit team, and external auditors
Exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
Subject matter expert on multiple cybersecurity platforms and applications within function and working knowledge on multiple platforms and applications across full cybersecurity team.
Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience inclusive of a minimum 4 years’ work experience in/with the specific Cybersecurity or Technology area and/or team
Demonstrated advanced knowledge of IAM cybersecurity principles and compliance requirements.
Subject matter expert on IAM platforms: SailPoint, Azure AD, Entra ID, CyberArk, PAM solutions
Familiar with cloud identity strategy including Azure AD, Entra ID, RBAC, conditional access, and privileged role governance
Experience with IAM road mapping, tooling strategy and modernization
#LI-JB3 #Hybrid
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $128,100.00 - $213,500.00 (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.
Wilmington, Delaware, United States of America
Great companies have an enduring sense of purpose. At M&T, our purpose is a simple one: make a difference in people’s lives and uplift the communities we serve. Founded in 1856 in Buffalo, NY we are now a top 11 full-service US-based commercial bank with a retail footprint across the east coast and wealth services available nationwide and abroad. As a bank, we offer advice, guidance, expertise, and solutions across the entire financial spectrum that combines M&T’s traditional banking services with the wealth management and institutional capabilities offered by Wilmington Trust. We are a community-minded organization with more than 167 years of experience. We serve customers, community, and colleagues whether they be across the street, across the state or across the country.
As an employer of choice, we are proud to offer competitive benefits ranging from medical and retirement to forty hours of paid volunteer time, each year. Our core values drive the work we do – integrity, ownership, collaboration, curiosity, candor and we seek to further build upon our record of success by bringing in top talent and fresh skill sets while continuing to support the growth and development of all our team members.
M&T Bank is unwavering when it comes to providing equal employment opportunities to all employees and applicants without regard to race, color, national origin, religion, ethnicity, sex, gender identity, age, disability, citizenship, pregnancy, veteran status, military status, marital status, sexual orientation, genetic information or any other characteristic protected under applicable federal, state or local laws.
