Cybersecurity Vulnerability Manager

Posted:
8/13/2024, 5:00:00 PM

Location(s):
Buffalo, New York, United States ⋅ New York, United States

Experience Level(s):
Expert or higher ⋅ Senior

Field(s):
IT & Security

Workplace Type:
Hybrid

The Bank sponsors individuals for TN and H-1B transfers on a case by case basis. Please note that this position is not open to anyone on an F-1 student visa including those eligible for CPT/OPT or the Stem OPT extension.

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview:

As the Manager of Infrastructure Security Management at M&T Bank, you will lead the implementation and management of enterprise security controls across M&T’s on-premise environment and cloud environment, providing strategic technical leadership, and fostering a culture of operational excellence among the teams you lead. This role is integral to our technology transformation journey, ensuring the security posture of our bank-wide infrastructure and applications.
 

Key Responsibilities:

  • Lead the Cybersecurity Infrastructure Security team to develop a comprehensive strategy and roadmap to improve infrastructure security and securely enable M&T’s cloud journey

  • Responsible for leading a multi-disciplinary team focused on designing risk based vulnerability assessments, including but are not limited to, vulnerability testing, configuration management, and database monitoring.

  • Collaborate with cross-functional teams to integrate security measures into the infrastructure development, deployment, and monitoring

  • Provide guidance and support to infrastructure partners on security best practices and ensuring adherence to M&T’s security posture

  • Stay up to date on emerging threats and vulnerabilities, and proactively recommend security enhancements.

  • Lead and mentor a team of infrastructure security professionals to ensure a strong security posture across all infrastructure including on-premise and cloud infrastructure components

  • Own and manage Infrastructure Testing metric and remediation-related dashboards and reports.

  • Own and manage infrastructure security scanning tools and vendor relationships.

  • Develop analytics to evaluate and enhance the effectiveness of the vulnerability management program including, tools, technologies, policies.

  • Communicate effectively with all levels of organizational leadership, conveying complex technical concepts in a clear and concise manner.

Minimum Required Qualifications:

  • Bachelor’s degree and a minimum of 10 years’ of technology and cybersecurity domain experience, or in lieu of a degree, a combined minimum of 13 years’ higher education and/or work experience, including a minimum of 10 years’ of technology and cybersecurity domain experience.

  • A minimum of 3+ years of technical supervisory or management experience, demonstrating the ability to lead and inspire cross-functional teams including management experience within vulnerability management

  • Relevant work and leadership experience in two or more of the following Cybersecurity domains:  Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations

  • Proven experience managing multiple stakeholder relationships, including determining needs, requirements, and resources, and managing stakeholder expectations while committing to delivering quality results

  • Proven experience communicating complex information, concepts, or ideas in a confident, accurate, and well-organized manner through verbal, written, and/or visual media

  • Proven experience adjusting and operating in a diverse, challenging, and unpredictable fast-paced work environment

  • Proven experience coordinating, collaborating, and disseminating information to multiple subordinate, peer, and leadership teams, departments, and organizations

  • Prior experience advising and providing assistance to operations and intelligence decision makers in response to dynamic situations

Preferred Qualifications:

  • Proven experience in infrastructure security, including vulnerability and configuration management in both on-premise and cloud environments

  • Strong understanding of infrastructure and cloud-based infrastructure technologies, and protocols.

  • Familiarity with industry standards and frameworks such as CVSS, EPSS, ISO 27001, and NIST.

  • Experience with security testing tools and techniques.

  • Excellent communication and leadership skills.

  • Hands-on experience with infrastructure security tools and technologies.

  • Familiarity with cloud security principles and practices.

#LI-JB3

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $130,795.52 - $217,992.53 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America