Lead IAM Governance Specialist

This role is four days onsite at our Seneca One Buffalo, NY location, with the flexibility to work from home one day per week.

Responsible for analyzing, developing, and monitoring compliance with complex cybersecurity IAM policies, procedures, and best practices. Develop new and enhance existing processes and governance that prioritize resiliency and security of organization.

• Provide governance leadership across common IAM platforms (e.g., SailPoint, Azure AD / Entra , Cyber Ark, PAM solutions).
• Define expectations for birthright access, role models, entitlement management, and certification strategies.
• Ensure governance models are tool aware but tool agnostic, scalable, and not overly reliant on manual effort.
• Lead governance strategy for cloud identity, including Azure AD / Entra , RBAC, conditional access, and privileged role governance.
• Establish guardrails and standards for cloud-native access models, hybrid identity, and federated access.
• Serve as a senior advisor during complex access decisions, risk exceptions, and enterprise initiatives.
• Stay ahead of emerging risks in the workforce IAM space, including non human identities (NHI), AI/service accounts, cloud privilege sprawl, and over entitlement.
• Proactively identify control gaps and recommend governance enhancements.
• Contribute to IAM roadmaps, tooling strategy, and long term modernization efforts.
• Prepare reports through gathering, analyzing and summarizing data and information; prepares presentation materials for senior leadership reports.
• Partner with appropriate teams and leadership, First Line Risk, and Internal Audit to proactively mitigate risk through creation and enhancement of comprehensive policy framework.
• Execute comprehensive response to internal audit and regulatory requests, refining processes for efficiency and accuracy.
• Partner with Cybersecurity teams and managers to ensure process documentation, reporting, and performance metrics continuously improve with organizational maturity.
• Create remediation plans and supports team implementation, providing guidance to teams to ensure comprehensive execution against key actions and milestones.
• Foster strong partnerships with stakeholders in Cybersecurity teams to ensure successful development and implementation of the governance framework.
• Recommend key actions and milestones in project plan and leads execution of specification project milestones.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
• Promote an environment that supports belonging and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

• Partners with peers, manager, Cybersecurity team and leadership, First Line Risk team, Internal Audit team, and external auditors.
• Exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
• Subject matter expert on multiple cybersecurity platforms and applications within function and working knowledge on multiple platforms and applications across full cybersecurity team.

• Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience inclusive of a minimum 4 years’ work experience in/with the specific Cybersecurity or Technology area and/or team.
• Demonstrated advanced knowledge of IAM cybersecurity principles and compliance requirements.

• Subject matter expert on IAM platforms:
  SailPoint, Azure AD, Entra , Cyber Ark, PAM solutions.
• Familiar with cloud identity strategy including Azure AD, Entra , RBAC, conditional access, and privileged role governance.
• Experience with IAM road mapping, tooling strategy and modernization.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $ - $ Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Buffalo, New York, United States of America

M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer, including disabilities and veterans.