$201,200–$335,300 Per Year
Artificial Intelligence (AI), Best Practices, Business Strategy, Cloud Computing, Cross-Functional, Decision Support, Emerging Technology, Government, Higher Education, Industry/Trade Analysis, Information/Data Security (InfoSec), Internet Security, Law Enforcement, Leadership, Operational Improvement, Operations Planning, Organizational Development/Management, People Management, Regulations, Risk, Risk Management, Security Clearance, Software Engineering, Strategic Planning, Technical Strategy, Thought Leadership, United States Citizen, Web Application Framework
Position Overview
The Strategic Advisor to the CISO is a senior executive leader and trusted partner to the Chief Information Security Officer, helping shape and execute the Bank's enterprise cybersecurity strategy. With a scope and influence comparable to a Deputy CISO, the position focuses on driving strategic execution, delivering measurable business outcomes, and enhancing the effectiveness of the cybersecurity organization, without direct people management responsibility.
As a visible industry leader, the Strategic Advisor cultivates key external partnerships, influences cybersecurity best practices, and elevates the Bank's voice within the broader security community.
Key Responsibilities
Strategic Leadership & Cybersecurity Strategy
- Serve as a trusted advisor to the CISO to on cybersecurity strategy, risk management, and organizational priorities
- Advise on cybersecurity strategy with Technology, Enterprise Risk, and Compliance frameworks
- Provide thought leadership on emerging threats, industry trends, and leading practices
- Advise on emerging technologies, threats, and trends to maintain a leading security posture
- Serve as acting CISO, as needed, ensuring continuity of leadership and decision-making
Strategic Execution & Organizational Effectiveness
- Drive execution of high-priority cybersecurity initiatives, ensuring alignment with business and regulatory expectations
- Translate executive-level strategy into actionable plans across security operations, engineering, and risk teams
- Drive accountability across initiatives through disciplined tracking of milestones, risks, and outcomes
- Evaluate current cybersecurity capabilities and recommend improvements to maturity, resilience, and efficiency
- Act as a force multiplier during incidents, priority projects, or periods of heightened risk, supporting coordination and decision-making
Executive Engagement & Cross-Functional Partnership
- Partner with senior technology, risk, audit, and business leaders to ensure integrated cybersecurity outcomes
- Support board-level and executive communications, including preparation of materials, briefings, and messaging
Technology Governance & Risk Management
- Ensure responsible adoption of AI, including governance, risk mitigation, and secure implementation practices
External Leadership & Industry Influence
- Maintain strong relationships with regulators, law enforcement, and industry groups
- Represent the Bank in external forums and contribute to sector-wide cybersecurity initiatives
- Enhance the Bank's reputation as a cybersecurity thought leader
Scope of Role
- Enterprise-wide cybersecurity advisory influence
- No direct reports; operates through influence and partnership
- Broad engagement across cyber operations, engineering, governance, and risk functions
- Direct access to executive leadership and key stakeholders
Success Measures
- Acceleration of key cybersecurity initiatives
- Improved operational execution and program maturity
- Enhanced executive and board-level clarity on cybersecurity posture
- Tangible risk reduction and resilience improvements
Minimum Experience Required
- Bachelor's degree and a minimum of 11 years' cybersecurity and/or large technical program experience, which includes a minimum of 7 years' cybersecurity experience, or in lieu of a degree, combined minimum of 15 years' higher education and/or work experience including a minimum of 11 years' cybersecurity and/or large technical program experience with a minimum of 7 years cybersecurity experience
- Minimum of 4 years' managerial experience
- US Citizen and eligibility to obtain a US Government Security Clearance (within 12 months of start date)
- Advanced knowledge of related cybersecurity functions
Ideal Experience
- Previous CISO or Deputy CISO experience at a large financial institution
- 15+ years of progressive experience in cybersecurity, information security, or technology risk
- Senior leadership experience within a large, highly regulated financial institution
- Deep knowledge of cloud, data platforms, and modern engineering practices
- Proven ability to translate strategy into measurable outcomes at scale
- Experience leading complex, cross-functional initiatives
- Strong understanding of regulatory expectations and cyber risk frameworks
- Experience engaging with regulators, industry bodies, and government partners
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $201,200.00 - $335,300.00 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.
Location
Buffalo, New York, United States of America