Job Specifications
This role is four days onsite at our Seneca One Buffalo, NY location, with the flexibility to work from home one day per week
Overview:
The Lead Cybersecurity Engineer provides technical leadership for enterprise application infrastructure and platform operations, ensuring secure, reliable, and resilient environments across on‑premises and SaaS platforms. This role leads modernization efforts, supports Windows and Linux deployments, collaborates with security and infrastructure teams, and provides operational oversight, incident support, and audit readiness for critical systems.
Primary Responsibilities:
Serve as the technical lead and subject matter expert for enterprise application infrastructure and platform operations
Lead modernization initiatives for the application platform, including:
Infrastructure modernization
Platform upgrades and version migrations
Architecture improvements for scalability, performance, and resiliency
Maintain and support the existing on‑premises environment, ensuring uptime, reliability, and security
Mentors, trains, and coaches team members, providing hands‑on technical leadership, incident support, and audit readiness for critical systems
Support deployments across Windows Server and Linux environments
Install, configure, manage, and tune its supporting components, including - Application servers, Databases, Connectors, and integrations
Plan and execute upgrades, patches, and hotfixes, including impact analysis, testing, and rollback planning
Collaborate with IAM, security, and infrastructure teams to align architecture with enterprise security standards
Support the operational management of SaaS application, including - Platform configuration and administration, Integration with internal teams, coordination with the SaaS vendor for support, upgrades, and issue resolution
Performs SQL queries and analysis to support troubleshooting, reporting, and operational insights
Troubleshoot complex and infrastructure issues across development, test, and production environments
Develop and maintain runbooks, alert response procedures, dashboards, and operational documentation
Lead and mentor other engineers supporting operations
Develop and maintain technical documentation, standards, and operational procedures
Support audit, compliance, and risk management activities related to identity systems
Participate in on‑call or escalation support as required for critical IAM services
Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
Promote an environment that supports belonging and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.
Scope of Responsibilities:
This role is used in one or more of the following cybersecurity function:
Identity and Access Engineering – develops and manages the architecture, automation, and control mechanisms for provisioning of least privilege access for employees and contractors to internal and 3rd party systems, applications, and data sources.
Partners primarily with individual contributors and leaders within Cybersecurity and Technology, occasionally senior leaders within Cybersecurity
Exercises judgement in selecting methods, techniques, and criteria in executing objectives. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
Advanced ability to use multiple Cybersecurity tools, specific to function.
Education and Experience Required:
Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience
Education and Experience Preferred:
Strong hands‑on experience with:
Infrastructure setup and maintenance
Platform upgrades and migrations
Performance tuning and troubleshooting
Experience supporting on‑premises enterprise applications in production environments
Solid understanding of IAM concepts, including:
Authentication and authorization
Identity lifecycle management
Role‑based access control (RBAC)
Access certifications and governance
Experience working with application servers (e.g., Tomcat, WebLogic, WebSphere)
Strong understanding of Linux/Unix environments
Experience working with relational databases (Oracle, SQL Server, PostgreSQL)
Experience administering or supporting SaaS‑based security platforms
Ability to lead technical initiatives and coordinate across multiple teams
Strong written and verbal communication skills
What Success Looks Like In This Role
Stable, secure, and well‑maintained on‑prem environment
Successful execution of IIQ mod