Cybersecurity Threat Hunter

Posted:
8/13/2024, 5:00:00 PM

Location(s):
Buffalo, New York, United States ⋅ New York, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Hybrid

The Bank sponsors individuals for TN and H-1B transfers on a case by case basis. Please note that this position is not open to anyone on an F-1 student visa including those eligible for CPT/OPT or the Stem OPT extension.

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview:

Our Cyber Threat Hunting team is dedicated to enhancing the bank’s cybersecurity posture through extensive research, threat simulations, active threat hunting, and collaborative purple team engagements. This team partners with various departments across the bank to identify and mitigate potential threats, ensuring robust security measures are in place.

Role Responsibilities

As a Threat Hunter, you will analyze and correlate extensive data sets to uncover new threats and attack techniques within the bank’s environments. Your role will involve collaborating with other teams to develop analytical methods for detecting advanced threat actors using emerging tactics and techniques. You will also be responsible for developing and documenting innovative threat hunt hypotheses to enhance the team's ability to identify existing, yet undetected, threats. Additionally, you will be expected to actively share knowledge and mentor junior members of the threat hunt team and other peer teams.

Primary Responsibilities:

  • Characterize and analyze advanced threat data to identify anomalous activity and potential threats to network resources, and provide proactive recommendations to maintain or improve security posture.
  • Support the development, implementation, and execution of various advanced threat-related initiatives, systems, and processes.
  • With collaboration from senior team members or under guidance, provide guidance, testing plans, and/or analysis reporting to be used within the team and Cybersecurity Operations to ensure conformance to established compliance, regulatory, best practice, and risk management programs.
  • Identify potential threats, review with more experienced personnel, and provide recommendations for functional and/or operational improvement.
  • Responsible for coordination with more experienced personnel, Operations, Technology, and business unit personnel in a training, auditing, analysis, and outreach capacity.
  • Responsible for supporting functions, systems, and processes critical to the Corporation's ability to identify, investigate, minimize, and defend against advanced threats.
  • May interact with various internal and external audit, regulatory, privacy, and/or compliance personnel.
  • Responsible for regular interaction with middle management, supervisors, and associated staff, Internal Audit, Compliance, Risk Management, the Corporate Information Security Officer (CISO), Chief Counsel's Office (CCO), and/or other technology personnel, clients, and vendors.
  • May interact, coordinate, and oversee initiatives with internal and outside teams and external professional organizations supporting areas of expertise.
  • Assist with documenting and communicating proposed new approaches, methods, technologies, or breakthroughs in area of expertise and coordinate efforts with less experienced team members to ensure accuracy and timeliness.
  • Represent Information Security as a technical representative and Subject Matter Expert (SME) for Governance, Compliance, and Risk Management function on committees, ad-hoc projects, etc. as assigned.
  • Capable of working independently on all high-level systems analysis and technical phases of development.
  • Capable of overseeing and coordinating the activities of other Cybersecurity Network Defense team members on projects ranging in scope from small to large, may lead project activities.
  • Monitor staff performance on assigned projects with regard to their overall abilities and effectiveness in completing projects within schedules.
  • Provide backup to the Team Leader, as required by absence.
  • Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
  • Promote an environment that supports diversity and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
  • Complete other related duties as assigned.

Scope of Responsibilities:

This position operates under supervision of the Team Leader.

Supervisory/Managerial Responsibilities:

The position provides guidance and mentoring to junior team members.

Education and Experience Required:

  • Combined minimum of 8 years of higher education and/or work experience, including a minimum of 5 years’ relevant work experience in Security Operations, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
  • Proficiency in analyzing system, network, and application logs for attack techniques at all stages of the cyber kill chain.
  • Experience evaluating, analyzing, and synthesizing large quantities of data (which may be fragmented and contradictory), accurately determining the potential range and scope of threats, and assisting with the development of high-quality intelligence reporting.
  • Ability to consume and analyze Cyber Threat Intelligence for actionable insights.
  • Prior experience with and demonstrable aptitude for quickly learning new technical skills and supporting multiple systems, tools, and processes.
  • Proficiency with one or more enterprise-scale EDR and SIEM tools.
  • Technical experience with common networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks.
  • Experience with tools, techniques, and methodologies for analyzing and mitigating cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation.
  • Demonstrated ability to self-direct and achieve goals with minimal supervision.

Education and Experience Preferred:

  • Bachelor’s degree in an applicable discipline.
  • Minimum of 6 years’ relevant work experience in two or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and/or Security Operations.
  • Experience with tools, techniques, and methodologies for analyzing and mitigating cyber attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation.
  • Detailed technical experience with common networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks.
  • CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems) certification, or one or more platform-specific or Cybersecurity domain-related industry-recognized certifications or concentration specialties.
  • Skill in applying Cyber Threat Intelligence through enrichment, correlation, and attribution.
  • Familiarity with offensive security strategies and assessment methodologies.
  • Previous experience in digital forensics or incident response during significant security incidents.
  • Experience actively leading complex problem and technical analysis walkthroughs.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $110,635.01 - $184,391.68 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America