This role offers a hybrid work schedule, with the flexibility to work from home two days a week while providing the opportunity for in-person collaboration.
**This position is available in Buffalo, NY and Potentially Remote**
About M&T Bank
- Lead and/or direct real-time cyber defense Incident Response (e.g., initial intrusion correlation and tracking, threat analysis, in-depth technical investigation, and direct system remediation) tasks in support of the Cybersecurity Operations Division.
- Lead and/or direct cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
- Lead cross-functional teams within the Cybersecurity Operations Division and other key stakeholders on a regular basis on implementation and management of the design, development, and execution of Incident Response functions that meet or exceed current and future needs of the organization.
- Develop Incident Response functions in coordination with Cybersecurity Operations stakeholders.
- Document results as well as write and publish after-action reviews.
- Associate’s degree in an applicable discipline and a minimum of 6 years’ relevant work experience in two (2) or more of the following Cybersecurity domains; or, in lieu of a degree, a combined minimum of 8 years’ higher education and/or work experience, including a minimum of 6 years’ relevant experience in two (2) or more of the following Cybersecurity domains: cyber incident detection, prevention, response, and/or remediation; Incident Response in a cloud environment; host or network forensic analysis; malware analysis; cyber threat hunting; cybersecurity systems engineering.
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
- Knowledge of cyber defense and information security policies, procedures, and regulations.
- Knowledge of SIEM tools, HIPS/HIDS, PCAP analysis, Incident Response Platforms (e.g. Jira/ServiceNow), EDR tools, and CSOC operations.
- GCIH or equivalent (CASP, GCED, CISSP, GISP, GDAT, GCED)
- A combined minimum of 8 years’ higher education and/or work experience, including a minimum of 6 years’ relevant experience in security operations, preferably Incident Response.
- 4+ years of demonstrable experience in the following areas (including, but not limited to): security alert tuning and automation, host forensics, malware analysis, network traffic analysis, intrusion investigation, and log review.
Hiring Immediately.
We support our team members with generous benefits.
- Competitive compensation
- Health, welfare, and retirement benefits
- 401(k) match at 5%
- Work-life balance and flexible work arrangements
- Up to 25 days PTO plus 12 paid holidays