Overview
Position Overview
The Strategic Advisor to the CISO is a senior executive leader and trusted partner to the Chief Information Security Officer, helping shape and execute the Bank’s enterprise cybersecurity strategy. With a scope and influence comparable to a Deputy CISO, the position focuses on driving strategic execution, delivering measurable business outcomes, and enhancing the effectiveness of the cybersecurity organization, without direct people management responsibility.
As a visible industry leader, the Strategic Advisor cultivates key external partnerships, influences cybersecurity best practices, and elevates the Bank’s voice within the broader security community.
Key Responsibilities
Strategic Leadership & Cybersecurity Strategy
Serve as a trusted advisor to the CISO to on cybersecurity strategy, risk management, and organizational priorities
Advise on cybersecurity strategy with Technology, Enterprise Risk, and Compliance frameworks
Provide thought leadership on emerging threats, industry trends, and leading practices
Advise on emerging technologies, threats, and trends to maintain a leading security posture
Serve as acting CISO, as needed, ensuring continuity of leadership and decision-making
Strategic Execution & Organizational Effectiveness
Drive execution of high-priority cybersecurity initiatives, ensuring alignment with business and regulatory expectations
Translate executive-level strategy into actionable plans across security operations, engineering, and risk teams
Drive accountability across initiatives through disciplined tracking of milestones, risks, and outcomes
Evaluate current cybersecurity capabilities and recommend improvements to maturity, resilience, and efficiency
Act as a force multiplier during incidents, priority projects, or periods of heightened risk, supporting coordination and decision-making
Executive Engagement & Cross-Functional Partnership
Partner with senior technology, risk, audit, and business leaders to ensure integrated cybersecurity outcomes
Support board-level and executive communications, including preparation of materials, briefings, and messaging
Technology Governance & Risk Management
Ensure responsible adoption of AI, including governance, risk mitigation, and secure implementation practices
External Leadership & Industry Influence
Maintain strong relationships with regulators, law enforcement, and industry groups
Represent the Bank in external forums and contribute to sector-wide cybersecurity initiatives
Enhance the Bank’s reputation as a cybersecurity thought leader
Scope of Role
Enterprise-wide cybersecurity advisory influence
No direct reports; operates through influence and partnership
Broad engagement across cyber operations, engineering, governance, and risk functions
Direct access to executive leadership and key stakeholders
Success Measures
Acceleration of key cybersecurity initiatives
Improved operational execution and program maturity
Enhanced executive and board-level clarity on cybersecurity posture
Tangible risk reduction and resilience improvements
Minimum Experience Required
Bachelor’s degree and a minimum of 11 years’ cybersecurity and/or large technical program experience, which includes a minimum of 7 years’ cybersecurity experience, or in lieu of a degree, combined minimum of 15 years’ higher education and/or work experience including a minimum of 11 years’ cybersecurity and/or large technical program experience with a minimum of 7 years cybersecurity experience
Minimum of 4 years’ managerial experience
US Citizen and eligibility to obtain a US Government Security Clearance (within 12 months of start date)
Advanced knowledge of related cybersecurity functions
Ideal Experience
Previous CISO or Deputy CISO experience at a large financial institution
15+ years of progressive experience in cybersecurity, information security, or technology risk
Senior leadership experience within a large, highly regulated financial institution
Deep knowledge of cloud, data platforms, and modern engineering practices
Proven ability to translate strategy into measurable outcomes at scale
Experience leading complex, cross-functional initiatives
Strong understanding of regulatory expectations and cyber risk frameworks
Experience engaging with regulators, industry bodies, and government partners
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $201,200.00 - $335,300.00 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

