IT Audit Manager – Institutional Services and Wealth Management (ISWM) Domain
About the role
This position will be hybrid 4 days/week onsite (1 day remote), based out of: Buffalo NY, Wilmington DE, Bridgeport CT, Boston MA, NYC, or Iselin NJ. Must be within a commutable distance or willing to relocate.
Key Responsibilities
- Audit Execution & Risk Coverage: Support the department’s risk assessment process and develop the annual audit plan, with primary accountability for determining IT audit coverage across the ISWM domain.
- Stay current on evolving industry practices, regulatory guidance, and emerging technology and cybersecurity risks impacting the ISWM businesses.
- Independently manage all phases of the audit process—including planning, execution, continuous auditing, and validation procedures—in a risk-focused manner for assigned audit entities, ensuring independence and adherence to department and professional industry standards.
- Lead a team of auditors in the identification, assessment, and testing of key IT controls impacting the ISWM domain. Consult with Commercial, Technology, and Risk Management stakeholders regarding risk and control matters. This includes proposing solutions to audit findings, recommending control enhancements, and representing Internal Audit on cross-functional working groups as appropriate.
- Manage multiple audit engagements and competing priorities concurrently in an efficient and effective manner with minimal oversight.
- Lead teams in incorporating data analytics and technology-enabled audit techniques to enhance risk identification and audit execution throughout all phases of the audit lifecycle.
- Clearly demonstrate visible support for the department’s strategic objectives.
- Leadership, Decision Making, and Stakeholder Management: Exercise strong independent judgment, initiative, and critical thinking in ambiguous or complex risk scenarios. Communicate audit status, emerging risks, and significant issues clearly and proactively to audit leadership and business executives, following a “no surprises” philosophy. Build trusted, productive relationships with ISWM and Technology leaders, risk partners, and audit colleagues while maintaining independence and objectivity. Demonstrate political acuity, sound decision-making, and sensitivity to organizational and cultural dynamics. Actively lead and support the advancement of Internal Audit’s strategic objectives and reputation as a trusted risk advisor.
- Talent Development and Knowledge Sharing: Coach, mentor, and oversee audit team members, tailoring development approaches based on experience and skill level, including building capability in assessing technology risks within ISWM audits. Actively contribute to department-wide talent development, including cross-training auditors on ISWM technologies. Partner with the Audit leadership team on staffing, performance evaluations, promotions, compensation recommendations, and performance management for direct reports.
- Governance, Risk, & Compliance: Adhere to all company policies, risk management frameworks, and regulatory standards applicable to audit and operational risk. Support a strong control environment, including timely remediation of internal and external audit issues and regulatory findings. Champion an inclusive, collaborative work environment that reflects the M&T Bank brand and values. Perform other related duties as assigned.
Scope of Responsibilities
Demonstrate deep working knowledge of technology/cybersecurity regulatory guidance and examination expectations and support Internal Audit readiness for regulatory reviews and examinations. Ensure ongoing conformance with professional auditing standards and internal audit methodology. Regularly communicate with Senior, Middle, and Line Management, External Auditors, and periodic engagement with regulatory agencies.
Supervisory / Managerial Responsibilities
This position has direct supervisory responsibility for selected audit team members and may provide coaching or oversight to audit professionals across the ISWM audit team.
Education and Experience
- Bachelor’s degree, preferably in Accounting, Business, Finance, Technology, Cybersecurity, Mathematics, Statistics, or a related field, and 7 years of relevant experience, including 2 years of supervisory or managerial experience.
- Strong leadership skills with demonstrated ability to develop and coach others.
- Excellent verbal and written communication skills.
- Strong project management, analytical, and interpersonal skills with the ability to exercise sound judgment and critical thinking.
- Effective negotiation skills and the ability to maintain independent viewpoints in senior-level discussions.
Preferred Qualifications
- MBA or Master’s degree in an appropriate field.
- Minimum 3-5 years of IT Audit Experience.
- Minimum 7-10 years of People Leadership Experience.
- Professional certifications such as CIA, CISA, CISSP, CCSP or similar.
- Financial Services industry experience preferred.
- Prior exposure to technology risk, IT controls, cybersecurity, or data governance supporting the Global Capital Markets or Wealth Management businesses is preferred.