Address
Form of workThe Bank sponsors individuals for TN and H-1B transfers on a case by case basis. Please note that this position is not open to anyone on an F-1 student visa including those eligible for CPT/OPT or the Stem OPT extension.
This role offers a hybrid work schedule; offering the flexibility to work from home two days a week, while providing the opportunity for in-person collaboration.
This role offers a hybrid work schedule; offering the flexibility to work from home two days a week, while providing the opportunity for in-person collaboration.
**This position is available in Buffalo, NY and Potentially Remote**
About M&T Bank
At M&T Tech, we’re a team of makers, doers, and builders, working to create the most advanced technology solutions in banking. We’re not your stereotypical suit and tie bankers: we’re an innovative team of leading tech experts, pushing boundaries, and taking risks. We’re building an agile team of the most skilled and creative workers to solve complex problems, architect solutions, write high-performance software, and chart our new path, all to make the lives of our customers, and the communities that we serve, better. Join us and be part of something new as we build tomorrow’s bank, today.
Vice President: Senior Cybersecurity Incident Response Specialist Lead
Flexible hybrid working environment available for this position
This individual is considered to be a master-level technical expert on cyber Incident Response throughout the Cybersecurity Operations Division. The successful candidate will independently lead various groups throughout Cybersecurity Operations and other business line key stakeholders to ensure that the Bank’s Incident Response Program is as robust as possible, continually maturing, while ensuring overall bank risk objectives are met.
Position Responsibilities include:
- Lead and/or direct real-time cyber defense Incident Response (e.g., initial intrusion correlation and tracking, threat analysis, in-depth technical investigation, and direct system remediation) tasks in support of the Cybersecurity Operations Division.
- Lead and/or direct cyber defense incident triage, to include determining scope, urgency, and potential impact; identifying the specific vulnerability; and making recommendations that enable expeditious remediation.
- Lead cross-functional teams within the Cybersecurity Operations Division and other key stakeholders on a regular basis on implementation and management of the design, development, and execution of Incident Response functions that meet or exceed current and future needs of the organization.
- Develop Incident Response functions in coordination with Cybersecurity Operations stakeholders.
- Document results as well as write and publish after-action reviews.
Minimum Qualifications and Experience:
- Associates’ degree in an applicable discipline and a minimum of 6 years’ relevant work experience in two (2) or more of the following Cybersecurity domains: or in lieu of a degree, a combined minimum of 8 years’ higher education and/or work experience, including a minimum of 6 years’ relevant experience in two (2) or more of the following Cybersecurity domains: Cyber incident detection, prevention, response, and/or remediation, Incident Response in a cloud environment, host or network forensic analysis, malware analysis, cyber threat hunting, cybersecurity systems engineering
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of intrusion detection methodologies and techniques for detecting host and network-based intrusions.
- Knowledge of cyber defense and information security policies, procedures, and Regulations.
- Knowledge of SIEM tools, HIPS/HIDS, PCAP analysis, Incident Response Platforms (e.g. Jira/ServiceNow), EDR tools, and CSOC operations.
Preferred Qualifications and Experience:
Bachelor’s degree in cybersecurity or technology-related field.
Certifications:
- GCIH or equivalent (CASP, GCED, CISSP, GISP, GDAT, GCED)
Experience:
- A combined minimum of 8 years’ higher education and/or work experience, including a minimum of 6 years’ relevant experience in security operations, preferably Incident Response.
- 4+ years of demonstrable experience in the following areas (including, but not limited to): security alert tuning and automation, host forensics, malware analysis, network traffic analysis, intrusion investigation, and log review.
M&T Bank is a Top 10 US bank holding company and one of the best performing and financial stable regional banks in the country, we offer our technology employees a wide range of performance-based career development opportunities. We have a strong commitment to our customers and the communities we serve, and we continue to grow with a focus on the future. So, when looking to advance your career, look to M&T. Grow with us.
Hiring Immediately.
We support our team members with generous benefits.
- Competitive compensation
- Health, welfare, and retirement benefits
- 401(k) match at 5%
- Work-life balance and flexible work arrangements
- Up to 25 days PTO plus 12 paid holidays
#LI-JB3
#LI-Remote
#MTBTechCareers, #MTBCareers #MTBTechLife & #MTBTechHub #CybersecurityJobs #InfosecJobs #CybersecurityCareer #Hiring #JobOpening #ITJobs #TechJobs #CISSP #Cybersecurity, #cyber #cybersecurity #csoc #incidentresponse #cyberIR #IR #threathunt #threathunting #thrunt #DFIR #digitalforensics #advancedthreat #malwareanalysis #malware #cnmf #cyberdefense #cyberprotect #cyberprotection #cpt #SIEM #EDR #endpointdetectionandresponse #splunk #crowdstrike #cyberops #cyberctf #cybersoc #cybersecurityoperations #pcap #trafficanalysis #informationsecurity #infosec
Location:
Clanton, Alabama, United States of America
