Principal

PrincipalSpecialist-TechnologyandCybersecurityRisk

$148–247k Buffalo, New York, United States FULL TIME

Market Sentiment

HIGH DEMAND

Neural analysis suggests this role is
optimal for Lead candidates.

The Brief

“Principal Specialist - Technology and Cybersecurity Risk at Principal. Skills: Technology and Cybersecurity Risk, Risk framework development and implementation, Strategic risk management, Regulatory engagement, Cross-functional leadership. Develop and implement strategic risk framework ensuring comprehensive coverage of all technology capabilities.. Lead execution of strategic risk management framework and program that aligns practices with business objectives and regulatory requirements, includ”

Industry & Context.

Problems you'll solve

Strategically seek critical information, and apply across a broad array of processes

Eligibility Requirements

May present to Regulators under the direction of senior Technology and Cybersecurity Risk leaders.

What They're Looking For.

Must Have

Bachelor's degree and a minimum of 9 years’ relevant work experience, or in lieu of a degree, a combined minimum of 13 years’ higher education and/or work experience, Demonstrated expert knowledge of Technology and Cybersecurity risk principles, Minimum of 8 years' relevant work experience in and/or with the specific risk area and/or business unit

Nice to Have

Master's degree in Information Technology, Computer Science, Cybersecurity, Law, Business Administration, or related field, Applicable certification align to function or domain such as Certified in Risk and Information Systems Control (CRISC®), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP), Demonstrated ability to indirectly lead strategic direction of team, Excellent communication and interpersonal proven ability to effectively convey message to technical and business leaders, Experience partnering with leadership to design solutions aligned with business needs, Excellent ability to strategically seek critical information, and apply across a broad array of processes, Prior experience prioritizing across competing priorities and quickly changing landscape, and execute outcomes aligned with priorities, Experience effectively influencing senior leaders, Excellent mentoring and leadership capabilities

What You'll Do.

Develop and implement strategic risk framework ensuring comprehensive coverage of all technology capabilities.

Lead execution of strategic risk management framework and program that aligns practices with business objectives and regulatory requirements

including (but not limited to) developing complex process maps

responses to regulatory bodies and audit

and summary of complex findings.

Optimize and implement frameworks

providing expert guidance and leading transformative efforts to achieve industry-leading technology risk compliance.

Spearhead collaboration among cross-functional teams across the Bank and executive leadership to align technology practices with overarching business goals and regulatory maintain productive relationships with external stakeholders and/or with third-party engagements to ensure resiliency of Technology

and the overall Bank.

Oversee preparation and response to regulatory may act as subject matter expert in regulatory meetings.

Lead integration of advanced or complex risk management methodologies to drive innovation and to address evolving threats.

Mentor and coach team members within department

fostering their professional growth and ensuring a high standard for all risk analysts within the team.

Influence design and delivery of training programs to strengthen the Technology and Cybersecurity Risk function and enhance the ability to effectively manage technology and cybersecurity risk.

Understand and adhere to the Company’s risk and regulatory standards

policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.

Promote an environment that supports belonging and reflects the M&T Bank brand.

Maintain M&T internal control standards

including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

Complete other related duties as assigned.

How You'll Work.

Team & Collaboration

Spearhead collaboration among cross-functional teams across the Bank and executive leadership.; Align technology practices with overarching business goals and regulatory.; Maintain productive relationships with external stakeholders and/or with third-party engagements.; Interact with senior people leaders within the Technology and Cybersecurity teams, senior people leaders of Technology and Cybersecurity Risk, and across the bank, and internal partners such as Enterprise and Operational Risk, Internal Audit, Regulatory Affairs.

Communication Scope

Excellent communication and interpersonal proven ability to effectively convey message to technical and business leaders

Full Job Description

# **Overview: ** Leads risk analysis for the most complex initiatives, influencing and designing overarching risk framework and providing expert guidance to senior leadership for informed decision-making aligned with organizational imperatives. ## **Primary Responsibilities:** * Develop and implement strategic risk framework ensuring comprehensive coverage of all technology capabilities. * Lead execution of strategic risk management framework and program that aligns practices with business objectives and regulatory requirements, including (but not limited to) developing complex process maps, responses to regulatory bodies and audit, and summary of complex findings. * Optimize and implement frameworks, providing expert guidance and leading transformative efforts to achieve industry-leading technology risk compliance. * Spearhead collaboration among cross-functional teams across the Bank and executive leadership to align technology practices with overarching business goals and regulatory requirements; maintain productive relationships with external stakeholders and/or with third-party engagements to ensure resiliency of Technology, Cybersecurity, and the overall Bank. * Oversee preparation and response to regulatory engagements; may act as subject matter expert in regulatory meetings. * Lead integration of advanced or complex risk management methodologies to drive innovation and to address evolving threats. * Mentor and coach team members within department, fostering their professional growth and ensuring a high standard for all risk analysts within the team. * Influence design and delivery of training programs to strengthen the Technology and Cybersecurity Risk function and enhance the ability to effectively manage technology and cybersecurity risk. * Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management. * Promote an env

Free ATS check

Applying for this Principal Specialist - Technology and Cybersecurity Risk role?

Most applicants get filtered before a human reads their resume. See if yours makes the cut.

Should you apply? AI reads your resume vs this job — match score, gaps to address, ATS keywords.

SKILL SIGNAL 35 detected · ranked by frequency

Develop and implement strategic risk framework ×3

Lead execution of strategic risk management framework and program ×3

Develop complex process maps ×3

Develop responses to regulatory bodies and audit ×3

Develop summary of complex findings ×3

Optimize and implement frameworks ×3

Lead transformative efforts ×3

Spearhead collaboration among cross-functional teams ×3

Align technology practices with overarching business goals and regulatory ×3

Maintain productive relationships with external stakeholders ×3

Oversee preparation and response to regulatory ×3

Act as subject matter expert in regulatory meetings ×3

Lead integration of advanced or complex risk management methodologies ×3

Influence design and delivery of training programs ×3

Strengthen the Technology and Cybersecurity Risk function ×3

Enhance ability to effectively manage technology and cybersecurity risk ×3

Understand and adhere to the Company’s risk and regulatory standards, policies and controls ×3

Identify risk-related issues needing escalation to management ×3

Maintain M&T internal control standards ×3

Timely implementation of internal and external audit points ×3

Address issues raised by external regulators ×3

Technology and Cybersecurity Risk ×2

Risk framework development and implementation ×2

Strategic risk management ×2

Regulatory engagement ×2

Cross-functional leadership ×2

Technology risk

Cybersecurity risk

Risk analysis

Risk management

Regulatory compliance

Business objectives alignment

BEHAVIOURAL

MentoringCoachingCollaborationInfluencingInterpersonal skillsBelonging promotion

Role Details

Seniority senior

Experience 9–15 yrs

Level Lead

Work Mode No

Type FULL TIME

Education Bachelor's degree

Salary Band 100k-150k

AI-Extracted Insights

Domain Areas

technology-riskcybersecurity-riskregulatory-requirements

Certifications

Certified in Risk and Information Systems Control (CRISC®)Certified Information Systems Auditor (CISA)Certified Information Security Manager (CISM)Certified Information Systems Security Professional (CISSP)

How to Apply on Workday

Workday has a multi-step form — save your progress after every section.
"Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
Job requisition numbers are useful when following up with HR by email.

ANONYMOUS · UNFILTERED

What do employees actually say about Principal?

Real rants from real employees. Read before you apply.

Read Company Rants →