Job details

Cybersecurity Manager - Offensive Security

Get a free resume review

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview:

Manages the activities and strategic priorities of one or multiple cybersecurity teams. Responsible for financial and human capital planning to ensure short- and long-term priorities support and protect the Bank from internal and external cybersecurity threats.

Primary Responsibilities:

Lead and manage the Offensive Security Operations team, including red teamers, penetration testers, and adversary emulation specialists.
Develop and execute the organization’s offensive security strategy aligned with risk management objectives and threat landscape insights.
Oversee planning and execution of red team operations, penetration testing campaigns, and purple team exercises across enterprise environments.
Coordinate cross-functional efforts with threat intelligence, blue team, and incident response teams to identify security gaps and drive remediation.
Provide technical and operational leadership in the design and execution of complex adversarial simulations, leveraging frameworks such as MITRE ATT&CK and NIST.
Prioritize work within function(s) of oversight and raise to senior leadership and finance to incorporate into financial plan.
Manage team performance, mentoring, career development, and resource allocation to support both tactical and strategic initiatives.
Present operational outcomes, risk findings, and mitigation strategies to senior leadership and stakeholders through well-crafted reports and briefings.
Manage initiatives to identify and implement new/updated methodologies that ensure a proactive stance against risks.
Interpret regulatory and compliance requirements, and partner with risk, legal, and engineering teams to ensure necessary controls are implemented.
May present in regulatory engagements to understand and address cybersecurity-related legal and regulatory requirements.
Create strong workforce plan to meet business needs, including (but not limited to) mentoring and coaching high potential team members, developing career paths and succession planning for key roles, identifying training needs and gaps, and establishing culture of knowledge sharing and collaboration.
Contribute to the delivery of the Bank-wide information security training and awareness program.
Collaborate with technology and business leaders to create program that meets Cybersecurity objectives and organization needs.
Exercise usual authority of a manager concerning staffing, performance appraisals, promotions, salary recommendations, performance management and terminations.
Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.

Scope of Responsibilities:

Primary partners: CISO, Cybersecurity Directors and Senior Managers
Stakeholders: Technology team and the Bank
Work is accomplished with minimal direction; strategizes team goals based on Cybersecurity imperatives.
Oversees a minimum of 2 functions/teams within Cybersecurity.
This role may present to Regulators.
Accountable for informing and meeting budget for functions/teams they oversee.

Manager Responsibility:

Typically leads a team of 5-10 FTE

Education and Experience Required:

Bachelor's degree and a minimum of 7 years’ relevant work experience, or in lieu of a degree, a combined minimum of 11 years’ higher education and/or work experience
Demonstrated expert knowledge of Cybersecurity principles.
Minimum 6 years’ work experience in/with the specific cybersecurity function
Minimum 2 years’ managerial experience

Education and Experience Preferred:

Minimum of 6 years’ managerial experience
Proven ability to mentor and lead cybersecurity individual contributors.
Excellent communication
Excellent interpersonal skills
Ability to effectively articulate message to technical and business teams
Experience effectively influencing peers and leaders.
Experience prioritizing across competing priorities and quickly changing landscape.
Experience in a highly regulated industry environment.
Proficient understanding of financial services regulations, compliance requirements, and risk management practices.
Ability to translate business objectives into strategic cyber plans, programs, and initiatives.

#LI-JB3 #Hybrid

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $130,795.52 - $217,992.53 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America

Average salary estimate

$174393.5 / YEARLY (est.)

min

max

$130795K

$217992K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About Cybersecurity Manager - Offensive Security, MTB

Are you ready to take the lead in protecting against cyber threats? M&T Bank is searching for a proactive and dynamic Cybersecurity Manager specializing in Offensive Security to join our innovative team in Buffalo, NY. In this pivotal role, you’ll manage and guide a talented group of cybersecurity professionals, including red teamers and penetration testers, as you develop and implement a robust offensive security strategy aligned with our organizational objectives. Your responsibilities will include overseeing red team operations and executing penetration testing campaigns to identify and address vulnerabilities across enterprise environments. Collaboration is key, and you’ll coordinate with various teams to enhance our protective measures and drive remediation efforts. We believe in nurturing talent, so you’ll have the opportunity to mentor team members while shaping their career paths. With a hybrid work schedule, you can enjoy flexibility, working remotely two days a week while still benefiting from collaborative in-person sessions at our Buffalo Tech Hub. If you’re passionate about cybersecurity and looking to make a significant impact in a role that combines leadership, strategic vision, and hands-on technical expertise, we want to hear from you!

Frequently Asked Questions (FAQs) for Cybersecurity Manager - Offensive Security Role at MTB

What are the main responsibilities of a Cybersecurity Manager - Offensive Security at M&T Bank?

As a Cybersecurity Manager specializing in Offensive Security at M&T Bank, your primary responsibilities include leading the Offensive Security Operations team, developing and executing offensive security strategies in alignment with risk management objectives, overseeing red team operations, and coordinating with cross-functional teams to remediate security gaps. You will also present findings to senior leadership and manage team performance and development.