4 Crisis Management jobs in Buffalo

**THIS ROLE WILL BE HYBRID 3 DAYS A WEEK IN: BUFFALO NY, WILMINGTON DE, or BRIDGEPORT CT**
**Overview:**
+ This role provides senior level expertise in audit engagements in the Risk Management domain, including aspects of enterprise risk, operational risk, third party risk, and model risk. The role requires in-depth business and risk knowledge to properly assess associated risk and controls.
**Primary Responsibilities:**
Successful Audit Plan Completion
+ Stay abreast of best practices, industry developments, and changing or emerging risks and consult with the audit teams to ensure their coverage as appropriate in assigned audits.
+ Participate in the execution of audit procedures, particularly those which are highly visible and complex in nature, in a risk-focused manner while maintaining independence and adhering to department and professional industry standards.
+ Analyze audit findings, particularly those that require complex judgment or sophisticated analytical thought, and propose creative and pragmatic solutions to the audit team for consideration in the final audit report.
+ Drive audit teams in the planning and execution of validation procedures for Internal Audit and Regulatory issues that require subject matter expertise.
+ Organize and complete work within established budgets and time frames with minimal direction from audit management.
+ Incorporate the use of data analytics throughout all phases of the audit process.
+ Inform and clearly demonstrate support for the department's strategic objectives.
Leadership, Decision Making, and Communication
+ Possess strong management and interpersonal skills, make sound decisions independently, exhibiting initiative and intuitive thinking.
+ Proactively communicate with senior management members of the audit team and line of business senior and executive regarding the status of audits and potential issues identified.
+ Build strong partnerships with business stakeholders and audit team members.
+ Demonstrates strong judgment, political astuteness, and sensitivity to cultural commitment.
Developing Others
+ Coach and mentor junior audit team members through knowledge sharing, tailoring the approach based upon their skills and experience.
Other Responsibilities
+ Adhere to applicable compliance/operational risk controls in accordance with Company or regulatory standards and policies.
+ Promote an environment that supports belonging and reflects the M&T Bank brand.
+ Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators, as applicable.
+ Complete other related duties as assigned.
**Scope of Responsibilities:**
+ This role operates independently within a matrix reporting environment and is responsible for the timely delivery of high quality, value-added audit reports for a variety of business activities (complex in nature), which meet the requirements of the Audit Committee and regulatory expectations. Ensures ongoing conformance with professional auditing standards.
+ This position directly communicates with Senior, Middle and Line Management and External Auditors. Builds strong partnerships with business stakeholders and other audit team members.
+ This role also requires periodic interaction with external regulatory agencies.
**Supervisory/ Managerial Responsibilities:**
+ May provide coaching opportunities for certain audit professionals but is not responsible for performance management, compensation planning, or other similar duties.
**Education and Experience Required:**
+ Bachelor's degree, preferably in Accounting, Business, Finance, Technology, Cybersecurity, Mathematics, Statistics or other related technical field and 7 years of relevant experience, inclusive of 2 years of work leadership experience. In lieu of degree, a combined minimum of 11 years higher education and/or work experience including 7 years of relevant work experience and 2 years of work leadership experience.
+ Demonstrates strong judgment, political astuteness, and sensitivity to cultural commitment.
+ Possesses strong project management and interpersonal skills, makes sound decisions, exhibiting initiative and critical thinking.
+ Specific subject matter expertise regarding internal audit disciplines or in one or more of the following Lines of Businesses (LOBs) such as Commercial Banking, Retail Banking, Mortgage, Consumer Banking, Wealth Advisory, Institutional Client Services, or support functions such as Treasury, Finance, Compliance, Technology, Operations, Risk Management, or Credit Administration.
+ Specific subject matter expertise regarding internal audit disciplines and/or in Risk Management, including enterprise risk, operational risk, third party risk, and/or model risk.
+ Effective negotiation skills, a proactive and 'no surprises' approach in communicating issues and strength in sustaining independent views.
+ This individual must be an articulate and effective communicator, both orally and in writing, with an energetic, charismatic and approachable style.
**Education and Experience Preferred:**
+ MBA or Master's degree in an appropriate field preferred.
+ Related certifications (CPA, CIA, CISA or similar).
+ Financial Services Industry experience preferred.
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $100,611.94 - $167,686.57 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.
**Location**
Buffalo, New York, United States of America
M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer, including disabilities and veterans.

Individuals in Operational Risk establish and manage operational risk policies, propose strategies, and governance processes designed to minimize losses from inadequate controls, fraud, and potential bankruptcy.
The Operations Risk Management Policy Governance team is responsible for reviewing that the policy documents across the firm are in compliance with the minimum requirements of the Operational Risk Management team.
**Responsibilities** :
+ Support the development and implementation of enterprise operational risk management procedures and methodologies, including effective application within the businesses.
+ Participate in initiatives to improve operational risk management practices and enhance organizational resilience.
+ Ensure operational risk management activities comply with internal policies, external regulations, and industry standards.
+ Partner with key stakeholders and subject matter experts across the organization to accomplish goals.
+ Is an enthusiastic and early adopter of change; takes ownership for helping others see a better future and stay positive during uncertainty.
+ Demonstrates and inspires curiosity in seeking new ways to overcome challenges; actively applies learning from failures.
+ Challenges self and others to seek out and communicate alternative views even when unpopular; welcomes diverse ideas to improve outcomes.
+ Acts as a change catalyst by identifying and helping others see where new ideas could benefit the organization.
+ Proactively seeks to understand and act in alignment with organizational decisions; helps others prioritize team and enterprise success over their own personal agenda.
+ Focuses on highest-priority work aligned to business goals; helps others effectively manage competing priorities.
+ Proactively identifies opportunities to streamline work; creates process improvements that enhance efficiency for self and the team.
+ Takes personal accountability for escalating, identifying, and managing potential risk; implements controls that enhance the client experience and operational effectiveness.
+ Anticipates problems and proactively identifies solutions that address the root causes and result in meaningful improvements.
+ Sets high expectations and invests the necessary effort to deliver excellence and exceed performance goals.
+ Role-models and helps others to do the right thing for clients and Citi in all situations, even when difficult.
+ Engages key stakeholders early and often and actively looks for opportunities to improve collaboration in achieving common goals.
+ Proactively seeks out opportunities to volunteer in Citi programs that support the community; advocates for solutions that meet the needs of Citi's clients and the community.
+ Enthusiastically promotes the unique needs and preferences of colleagues; makes active commitment to help colleagues achieve balance, well-being, and development.
+ Empathetically listens and understands others' positions before acting on issues; works to amplify voices that are minimized in the workplace.
+ Leverages varied networks to recruit diverse talent; advocates for colleagues with diverse skillsets, styles, and experiences to gain career opportunities.
+ Appropriately assess risk when business decisions are made, demonstrating particular consideration for the firm's reputation and safeguarding Citigroup, its clients and assets, by driving compliance with applicable laws, rules and regulations, adhering to Policy, applying sound ethical judgment regarding personal behavior, conduct and business practices, and escalating, managing and reporting control issues with transparency, as well as effectively supervise the activity of teams and create accountability with those who fail to maintain these standards
**Qualifications** :
+ 5-8 years of experience (Financial Sector)
+ Previous experience supporting risk management, compliance, governance, or controls related roles.
+ Proven track record of success governing operational risk policy documents ahead of policy approval committees.
+ Ability to review adherence to Operational Risk Management policy documents related to risk and control assessments.
+ Demonstrated experience in the risk management lifecycle.
+ Exposure to enterprise risk management frameworks and knowledge of risk reporting tools and techniques.
+ Exposure to operational risk concepts, methodologies and tools.
+ Familiarity with regulatory requirements and standards related to operational risk management.
+ Understanding of different risk types, e.g. credit, market, liquidity.
+ Exercises independence of judgement and autonomy.
+ Robust project management and organizational skills, with the ability to prioritize tasks, manage multiple initiatives, and meet deadlines in a fast-paced environment.
+ Strong interpersonal skills, with the ability to network, build relationships and collaborate with cross-functional teams to meet deliverables.
+ Ability to analyze data to identify trends and emerging risks.
+ Ability to problem-solve, recommend practical and effective solutions, and make sound decisions under pressure.
+ Excellent communication and interpersonal skills to effectively interact with stakeholders.
+ High level of integrity and professionalism, with the ability to handle sensitive and confidential information appropriately.
**Education** :
Bachelor's/University degree or equivalent experience
---
**Job Family Group:**
Risk Management
---
**Job Family:**
Operational Risk
---
**Time Type:**
Full time
---
**Primary Location:**
Getzville New York United States
---
**Primary Location Full Time Salary Range:**
$70 080,00 - $105 120,00
In addition to salary, Citi's offerings may also include, for eligible employees, discretionary and formulaic incentive and retention awards. Citi offers competitive employee benefits, including: medical, dental & vision coverage; 401(k); life, accident, and disability insurance; and wellness programs. Citi also offers paid time off packages, including planned time off (vacation), unplanned time off (sick leave), and paid holidays. For additional information regarding Citi employee benefits, please visit citibenefits.com. Available offerings may vary by jurisdiction, job level, and date of hire.
---
**Most Relevant Skills**
Analytical Thinking, Control Monitoring, Credible Challenge, Governance, Issue Management, Operational Risk, Policy and Procedure, Policy and Regulation, Risk Controls and Monitors, Risk Identification and Assessment.
---
**Other Relevant Skills**
For complementary skills, please see above and/or contact the recruiter.
---
**Anticipated Posting Close Date:**
ago 13, 2025
---
_Citi is an equal opportunity employer, and qualified candidates will receive consideration without regard to their race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other characteristic protected by law._
_If you are a person with a disability and need a reasonable accommodation to use our search tools and/or apply for a career opportunity review Accessibility at Citi ( ._
_View Citi's EEO Policy Statement ( and the Know Your Rights ( poster._
Citi is an equal opportunity and affirmative action employer.
Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.

**Company :**
Highmark Health
**Job Description :**
**JOB SUMMARY**
This job is responsible for the day-to-day direction of all risk and compliance assessment activities of Highmark Health across a broad range of frameworks including NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, etc. The incumbent will partner with the organizational risk and business partners, the technology organization, and global delivery teams to meet Highmark Health's mission requirements in a manner consistent with the enterprise risk appetite. The incumbent must have a proactive mindset and approach, and feel comfortable working in a highly matrixed environment.
**ESSENTIAL RESPONSIBILITIES**
+ Perform management responsibilities to include, but are not limited to: involved in hiring and termination decisions, coaching and development, rewards and recognition, performance management and staff productivity.Plan, organize, staff, direct and control the day-to-day operations of the department; develop and implement policies and programs as necessary; may have budgetary responsibility and authority.
+ Establishes the appropriate methodology to be used and procedures to be performed for third-party risk, technology, operational compliance, and security programs, across a broad range of frameworks including NIST, HITRUST, PCI, HIPAA, SOC, MAR, CMS, JCAHO, etc.This includes establishing necessary statistical sampling and utilizing various auditing methodologies.
+ Coordinates and manage audits of departments across the enterprise to ensure compliance with policies, schedule, scope and accuracy with the latest laws and regulations, accuracy and completeness, business unit compliance, program training and communications delivery.
+ Partners with functional subject matter experts around the organization, develops annual plan to address third-party strategic, operational, security, reputational, and financial risks for the Organization's family of companies.
+ Establishes and monitoris Key Performance Indicators (KPIs) to ensure risk assessments are completed in accordance with Service Level Agreements, privacy-security policies, contractual obligations.
+ Manages program to perform on-site third party audits, regulatory reviews, vendor risk reviews,and validates necessary remediations to ensure alignment to relevant compliance guidelines.
+ Negotiates on behalf of the organization in third-party, regulatory and/or compliance engagements to ensure appropriate security, audit, regulatory and operational risk terms are appropriately addressed. Interact with vendor and business unit personnel at all levels and effectively communicate risks, expectations, and alternative strategies to mitigate the Organization's concerns over security, audit, and risk provisions.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**Substitutions**
+ 6 years of related and progressive experience in lieu of Bachelor's degree
**Preferred**
+ Master's Degree in Accounting, Finance, Business Administration/Management, Information Technology, Pre-Law, or related field
**EXPERIENCE**
**Required**
+ 5 years of interaction with regulators, auditors, and oversight bodies
To Include:
+ 3 years in a leadership role, preferably in an Audit or Compliance discipline in a Healthcare or Healthcare related industry
+ 3 years overseeing privacy, risk, audit, and/or compliance teams
**Preferred**
+ 3 years with contract negotiations
**LICENSES or CERTIFICATIONS**
**Required**
+ None
**Preferred**
+ Certified Public Account (CPA)
+ Certified Information Security Auditor (CISA)
+ Certified Information Privacy Professional (CIPP)
+ Certified Information Systems Security Professional (CISSP)
+ Certified in Healthcare Compliance (CHC)
+ Certified Internal Auditor (CIA)
**SKILLS**
+ Demonstrate expert knowledge of business and technology processes, risk and control frameworks, and assessment methodologies, particularly as applied to healthcare (payer and provider) business processes.
+ Knowledge of relevant regulatory guidelines, vendor management, sourcing and procurement, and completing assessments of vendors
+ Excellent resource and project planning capabilities, decision making skills, history of results-oriented delivery, and effective team building across a cross-campus and diverse team of management and staff.
+ Strong written and verbal communication skills for diverse audiences (senior management, board, peer, and team).
+ Strong relationship building skills and ability to influence with and without authority in a matrixed organization.
+ Developed leadership qualities with an ability to motivate and inspire a group of individuals to achieve superior results.
+ High capacity to think analytically, interpret information / observations, apply judgment and make effective, strategic decisions.
**Language (Other than English):**
None
**Travel Requirement:**
0% - 25%
**PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS**
**Position Type**
Office-based
Teaches / trains others regularly
Frequently
Travel regularly from the office to various work sites or from site-to-site
Rarely
Works primarily out-of-the office selling products/services (sales employees)
Never
Physical work site required
Yes
Lifting: up to 10 pounds
Constantly
Lifting: 10 to 25 pounds
Occasionally
Lifting: 25 to 50 pounds
Rarely
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement_** _: This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
_As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy._
_Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J268692