Location preference for this position is Buffalo, NY; Millsboro, DE; or Wilmington, DE. Secondary location would be 100% remote. There is an opportunity to work a four or five day schedule, on either day or night shift.
Overview: The successful candidate will provide support to a first line, internal 24x7x365 Cybersecurity Operations Center (CSOC) environment. They will serve as an experienced, highly technical lead that can assist more junior staff in analysis, while providing mentorship and development for their more junior peers. In addition, the Senior Specialist will assist with first line monitoring and provide analysis in response to identified security violations that are reported to the Bank's security tools. Further, the Senior Specialist will also be expected to provide team level leadership in the event of investigations or incidents, whether potential or realized. They will also have input into the administrative operations of the CSOC and assist with the implementation of new procedures, tools, and initiatives to enhance the CSOC's functional state.
Primary Responsibilities:
- Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources and develop proactive solutions to maintain or improve security posture.
- Lead and coordinate technical assistance on digital evidence matters to appropriate personnel.
- Lead and oversee development of technical documents, incident reports, findings and use cases from intrusion artifacts, log summaries and other discovered data to the team and team leader(s).
- Complete dynamic malware, threat and log analysis in coordination with past incident analysis data and/or current or emerging threat analysis, and implement potential remediation efforts.
- Conduct research, analysis and correlation across all source data sets including indications and warnings and validate results and impact in coordination with Enterprise Security and all appropriate teams and stakeholders.
- Analyze and evaluate network and system security alerts from multiple sources within the enterprise and determine possible causes, impacts and provide remediation recommendations to leadership.
- Oversee incident tracking and solution database and lead development of training, tuning and optimization of processes.
- Notify designated managers, cyber incident responders and appropriate stakeholders of suspected cyber incidents and articulate the event's history, status and potential impact for further action in accordance with the organization's cyber incident response plan.
- Conduct detailed and independent analysis of log files, evidence and other information sources to develop outcome reporting and recommend best methods for identifying the perpetrator(s) of a network intrusion or other crimes and remediation requirements and lead investigation and remediation efforts with appropriate persons, teams and stakeholders.
- Provide timely notice of imminent, hostile intentions or activities impacting organization objectives, resources or capabilities including leading high severity or emergency response events.
- Complete daily, weekly, monthly and annual Key Risk Indicator (KRI), Key Performance Indicator (KPI) and summary reports for network security events and activity relevant to cyber defense practices and operations.
- Oversee creation, development and validation of SOPs.
- Maintain thorough digital logs, use cases and reports of events, incidents and analysis.
- Coordinate recommendations for framework, design, threat and posture analysis and reporting for current and future-state planning.
- Provide recommendations and coordinate communication efforts for Audit, Disaster Recovery, Contingency and Continuity of Operations planning.
- Lead and align Operational priorities within the Department's security strategy and as part of Cybersecurity's overall strategy.
- Represent the team on various committees.
- Identify and communicate Cybersecurity threats, vulnerabilities, risks, emerging trends and mitigation strategies in alignment with the organization's risk appetite.
- Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.