Job Actions

Job Information

Portfolio Manager I - 3DIYL
Category: Banking, Insurance
  • Your pay will be discussed at your interview

Job code: lhw-e0-90655820

Company Profile

M & T Bank

Contact Company

Local Information

Laugh while you Look

Sponsored Ads


  Job posted:   Thu Jun 7, 2018
  Distance to work:   ? miles
  3 Views, 0 Applications  
Portfolio Manager I - 3DIYL
**Portfolio Manager I**

**Buffalo, NY, Wilmington, DE, Baltimore, MD**


Role oversees enforcement of the portfolio methodology and assists in the implementation of the assigned project portfolio. This position will assist in the delivery of the defined portfolio strategy and is responsible to help deliver its execution. The position will help achieve portfolio management maturity though coaching and mentoring of the project/program managers within the assigned portfolios.

**Basic Function**

Responsible for overseeing Information security governance, compliance, and/or risk management within Information Technology as well as the institution as a whole. Provides resources and services necessary to assure compliance with the information security and privacy portions of such laws as Gramm Leach Bliley, HIPAA, Fair and Accurate Credit Transactions Act, as well as industry regulations and standards.

Collaborates with peers, management, staff, and others to provide coverage of the broad spectrum of evolving regulatory, standards, and best practices requirements.

Manages a team of functional area staff with specific expertise in the areas of information security governance, compliance, and/or risk management. Responsible for the management of all activities related to the successful planning, documenting, testing, and implementation of all work performed by the team. Provides detailed direction and performs specialized analysis and research of modifications to solve any scope problem or enhancement.

Provides positive example of M&T leadership, values and commitment to direct and indirect reports.

**Essential Position Responsibilities**

+ Manages an assigned major subset of governance, compliance, and risk management disciplines that maintain sound operational practices and advises functional areas across the organization on risks and needed controls. Examples include data classification schemas for system and non-system data and security awareness programs to ensure that all employees understand their responsibilities to protect information and privacy.

+ Maintains specific expertise on assigned governance, compliance, and risk management disciplines including applicable laws, regulations, standards, and best practices using the Internet and other means. Ensures that supervised staff maintains detailed currency in these areas.

+ Manages processes to maintain organization-wide currency on laws, regulations, and best practices and developing and recommending appropriate controls within assigned areas of practice.

+ Ensures that updates are communicated to security coordinators, senior and middle management, and others.

+ Monitors the effectiveness of implemented programs and procedures and recommends improvements.

+ Ensures adequate communication about controls that minimize risk to profitability and reputation due to fraud, misrepresentation, false pretense, or other malfeasance.

+ Creates, or manages creation of, new and/or revised corporate and departmental policies, standards, and procedures regarding assigned areas of expertise.

+ Develops, or ensures development, of such test plans as are prudent to ensure conformance with industry standards, regulatory requirements, and risk avoidance programs.

+ Manages and/or participates in design, preparation. and execution of assigned elements of the bank-wide information security program including coordination of the IS program itself, periodic employee security awareness training, vendor security risk management, and/or the risk management programs. May provide coordination of the entire project.

+ Ensures proper periodic review of the information security program by appropriate representation of the board of directors.

+ Ensures that managed area is compliant with all applicable policies, standards, procedures, and other controls. including business continuity planning requirements.

+ Ensures prompt and appropriate resolution to audit and examination recommendations in area of responsibility.

+ Coordinates, manages, and/or mentors subordinates in managing assigned projects and tasks.Manages small to complex projects as required.

+ Monitors project plans and status.

+ Provides input to annual budget process, requisition requests, and human resource requirements.

+ Provides guidance and mentoring to other departments, teams, projects and committees regarding the information security aspects of governance, compliance, and risk management. Involves other expert professionals as required.

+ Ensures appropriate functional area representation on assigned committees and projects.

+ Keeps abreast of activities outside the team that could impact the team or corporate information security environment as a whole.

+ Performs and oversees basic to complex security analysis, standards design, security gap analysis and/or risk assessments.

+ Leads and/or provides significant contribution to complex projects.

+ Clearly understands the function and content of applicable information security policies, standard, and procedures as well as threats, risks, and vulnerabilities at a functional level.

+ Exercises authority appropriate to management span of control on issues of staffing, performance appraisals, promotions, salary recommendations, performance management, and terminations.

+ Ensures applicable non-compliance allegations by auditors, regulators, security personnel, managers, etc. are adequately analyzed and appropriate responses presented to management and/or the allegation originator in a timely fashion.

+ Supports constructive change, improvement, and solutions that support the needs of the business. Identifies opportunities for change that will provide the greatest positive impact to the functional area and to the corporation.

+ Enacts change or recommends to senior management.

+ Demonstrates solid understanding of systems development lifecycle management and information technology auditing approach and methods.

+ Demonstrates good ability to enlist expert resources when necessary.

+ Ensures timely completion of other requirements as assigned by management.

**Management Responsibilities**

+ Attracts, develops and retains individuals and teams with diverse capabilities appropriate to the function.

+ Provides targeted training and development to ensure currency and effectiveness of assigned teams.

+ Manages career progression of staff.

+ Accurately appraises strengths and weaknesses. Effectively manages underperformers.

+ Provides constructive feedback. Keeps team motivated, informed, and accountable.

**Nature and Scope**

This position works under limited supervision of the ISCRM System Manager II or III and is required to exercise independent judgment, discretion, and may include decision-making in lieu of the ISCRM System Manager II or III.

Responsible for all aspects of area's duties, which could include problem resolution, policy/standard/procedure development, risk assessments, gap analysis, etc..

Issues addressed are so broad in nature that they extend beyond functional boundaries. Examples include data classification schemas for system and non-system data and security awareness programs to ensure that all employees understand their responsibilities to protect information and privacy.

Considered an expert in the area of information security governance and/or risk management. Ensures periodic review and enhancement of information security controls and practices contributing directly to the safety and soundness of the bank thereby reducing the risk of fines, penalties, and other losses resulting from non-compliance.

Interacts and relates with executive management, middle management, supervisors, and staff. Also interfaces with M&T Internal Audit. the Privacy Office, Compliance, Information Technology. and Risk Management functions as well as regulatory bank examiners and external professional organizations supporting areas of expertise. May prepare materials for review by the Audit Committee and/or executive management and may prepare materials for distribution to all employees.

Learns from experience. Actively pursues learning and self-development and encourages staff to do likewise. Seeks and acts upon performance feedback. Effectively manages own time and instills time management skills in subordinates.

Understands how assigned functional area fits in the big picture. creates a uniform direction, and communicates a common vision. Seeks efforts that will have the greatest positive organizational impact. Initiates and/or supports new ideas and initiatives.

Actively contributes to understanding/improving staff commitment and employee engagement issues and how they impact business results.

Proactively works with own area and functional areas throughout the organization to ensure awareness of, and compliance with, information security governance, compliance, and risk management requirements. Provides expert counsel on matters related to assigned areas of expertise.

May be called upon to serve as information security representative on committees, projects, or project control committees.

Provides approval and signing up to approval limits.

**Basic Qualifications**

+ Bachelor's Degree in information security, information technology, mathematics, engineering, or a related discipline preferred and ten (10) years professional / management experience in a regulated industry or in lieu of education fourteen (14) years of relevant experience.

+ Five (5) years in information security, governance, compliance, risk management, and/or similar discipline.

+ Some experience leading cross-functional teams.

+ Demonstrates solid familiarity with security, privacy, and governance regulations such as Gramm-Leach-Bliley (GLBA), Sarbanes-Oxley (SOX), the Fair and Accurate Credit Transactions Act (FACTA), the Fair Credit Reporting Act (FCRA), and the Health Insurance Portability and Accountability Act (HIPAA).

+ Payment Card Industry Data Security Standard (PCI).

+ Excellent written and verbal communication skills.

+ Ability to communicate with senior management, peers, internal and external auditors and examiners, business partners and other security related agencies as required.

+ Ability to research and report on governance/compliance related topics using a variety of sources (ex: Internet, affiliate organizations, governmental agencies) and techniques.

+ CISM Certification helpful, CISSP Certification helpful. PMP Certification helpful.

**Technical Skills and Success Factors**

**Issue Identification / Conceptual Thinking:** Demonstrates consistent ability to identify most critical aspects of a problem; Ensures that senior members of team are mentoring more junior members in identifying opportunities for improvement and enhancement; Ensures that all material issues are identified and mitigation efforts prioritized; Evaluates, counsels, mentors, and provides feedback to staff in effectively identifying and addressing issues;

**Data / Diagnostic Information Gathering:** Ensures that information gathering efforts are reliable, productive, and efficient; Ensures that team is gathering information in a timely and efficient manner; Ensures that even the most elusive inconsistencies are addressed in an effective and timely manner; Ensures accuracy, timeliness, and efficient gathering of information; Ensures that more senior team members are effectively mentoring more junior members;

**Problem Structuring / Solving:** Ensures that team is effectively identifying key issues, considering a reasonable number of alternative approaches and providing effective problem solving; Ensures that even the most complex problems are being addressed in an accurate and timely fashion;

**Analytical Thinking, Skills, and Approach:** Pushes beyond existing analytic capabilities, building new conceptual frameworks and/or analytic approaches; Ensures that projects are being segmented into appropriate tasks, that team is prepared to complete projects, and that the most challenging issues are being addressed; Ensures that appropriate solutions are being pursued; Mentors staff on most difficult analysis tasks;

**Response to Problem Shifts / Forward Thinking:** Sometimes initiates needed changes in direction as new information is discovered, helping team manage the changes and keeping supervisors and managers appraised of the changes; Identifies what needs to be done and takes action before being asked or required; Assumes responsibility when ownership is unclear or not assumed; Takes independent action to change in the direction of events when necessary;

**Recommendation Development:** Develops recommendations that can be implemented and provide clear value; Sees total needs in big picture and takes into account secondary implications and recommendations;

**Decisiveness:** Applies extensive knowledge and experience when addressing complex issues; Makes timely, challenging decisions even with imperfect information; Considers impact of decisions on M&T Commitment / Employee Engagement; Is action oriented, takes ownership and moves forward;

**Technical Proficiency:** Identifies and implements effective technical strategies in the team; Fosters effective use of technology resources; Ensures that procedures reflect effective use of the technology and that staff understands the capabilities of current and emerging products; Budgets and plans for appropriate new products and upgrades to support department mission; Ensures that procedures within purview are periodically reviewed to maximize the benefits of available technology; Ensures that software systems are used in the most effective ways

**Governance and Regulatory Awareness:** Ensures that staff understands and supports all applicable laws, regulations, standards, and/or risk management methodologies; Ensures adequate staff coverage for all applicable controls and documentation; Mentors assigned staff, other functional area staff, and management, on all applicable regulations, laws, and standards issues; Provides detailed consultation on complex issues relating to governance, regulatory compliance, and risk management; Ensures that department manager is kept abreast of potential and actual issues and complications relating to risk and compliance;

**Project Management:** Ensures that team members adhere to appropriate project management methodologies using approved products; Oversees overall technical project plan and details plans as required; Fosters timely and accurate reporting of project status and changes; Ensures adherence to appropriate project management methodology; Encourages assigned staff to take steps to assure project completion on time, within budget, and with no surprises; Ensures that project status is kept in a timely and accurate manner; Ensures appropriate representation at project meetings and status review sessions;

**M&T Specific Skills:** Demonstrates effective networking with managers and staff in diverse areas of the institution; Coordinates, on multiple levels, with people from diverse areas of the institution; Coordinates priorities among multiple projects, tasks, and functional areas; Has a solid knowledge of industry, competition, customers, operations, and compliance regulations; Possesses solid knowledge of bank-wide policies, standards, and procedures with specialized knowledge in managed area;

**Presentation Skills:** Mentors team presentation skills, assists with preparation, and assists more junior team members at their presentations; Presents effectively; Consistently prepared to make quality presentations to all levels of the organization and answer difficult questions from the participants; Demonstrates ability to present to target audience; Mentors peers and subordinates in communication techniques and effectiveness; Understands the impact of own words and actions on others and adjusts accordingly;

M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.

More Information »