Senior Cybersecurity Specialist (CSOC/SOC)

15 May 2024

Vacancy expired!

Location preference for this position is Buffalo, NY; Millsboro, DE; or Wilmington, DE. Secondary location would be 100% remote. There is an opportunity to work a four or five day schedule, on either day or night shift.

Overview:

The successful candidate will provide support to a first line, internal 24x7x365 Cybersecurity Operations Center (CSOC) environment. They will serve as an experienced, highly technical lead that can assist more junior staff in analysis, while providing mentorship and development for their more junior peers. In addition, the Senior Specialist will assist with first line monitoring and provide analysis in response to identified security violations that are reported to the Bank's security tools. Further, the Senior Specialist will also be expected to provide team level leadership in the event of investigations or incidents, whether potential or realized. They will also have input into the administrative operations of the CSOC and assist with the implementation of new procedures, tools, and initiatives to enhance the CSOC's functional state.

Primary Responsibilities:
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources and develop proactive solutions to maintain or improve security posture.
  • Lead and coordinate technical assistance on digital evidence matters to appropriate personnel.
  • Lead and oversee development of technical documents, incident reports, findings and use cases from intrusion artifacts, log summaries and other discovered data to the team and team leader(s).
  • Complete dynamic malware, threat and log analysis in coordination with past incident analysis data and/or current or emerging threat analysis, and implement potential remediation efforts.
  • Conduct research, analysis and correlation across all source data sets including indications and warnings and validate results and impact in coordination with Enterprise Security and all appropriate teams and stakeholders.
  • Analyze and evaluate network and system security alerts from multiple sources within the enterprise and determine possible causes, impacts and provide remediation recommendations to leadership.
  • Oversee incident tracking and solution database and lead development of training, tuning and optimization of processes.
  • Notify designated managers, cyber incident responders and appropriate stakeholders of suspected cyber incidents and articulate the event's history, status and potential impact for further action in accordance with the organization's cyber incident response plan.
  • Conduct detailed and independent analysis of log files, evidence and other information sources to develop outcome reporting; recommend best methods for identifying the perpetrator(s) of a network intrusion or other crimes and the remediation requirements; and lead investigation and remediation efforts with appropriate persons, teams and stakeholders.
  • Provide timely notice of imminent, hostile intentions or activities impacting organization objectives, resources or capabilities including leading high severity or emergency response events.
  • Complete daily, weekly, monthly and annual Key Risk Indicator (KRI), Key Performance Indicator (KPI) and summary reports for network security events and activity relevant to cyber defense practices and operations.
  • Oversee creation, development and validation of SOPs.
  • Maintain thorough digital logs, use cases and reports of events, incidents and analysis.
  • Coordinate recommendations for framework, design, threat and posture analysis and reporting for current and future-state planning.
  • Provide recommendations and coordinate communication efforts for Audit, Disaster Recovery, Contingency and Continuity of Operations planning.
  • Lead and align Operational priorities within the Department's security strategy and as part of Cybersecurity's overall strategy.
  • Represent the team on various committees.
  • Identify and communicate Cybersecurity threats, vulnerabilities, risks, emerging trends and mitigation strategies in alignment with the organization's risk appetite.
  • Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management.
  • Promote an environment that supports diversity and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
  • Complete other related duties as assigned.

Scope of Responsibilities:

Supervisory/Managerial Responsibility:

Not Applicable

Education and Experience Required:

Associate's degree in an applicable discipline and a minimum of 5 years' relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations; or, in lieu of a degree, a combined minimum of 7 years' higher education and/or work experience, including a minimum of 5 years' relevant experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations.

Understanding of System Development Life Cycle (SDLC)

Experience researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning

Detailed technical experience with mainframe, virtual and/or distributed computing environments

Prior experience and demonstrated aptitude for quickly learning multiple new technical skills and supporting multiple systems, tools and processes across multiple disciplines and/or multiple teams

Experience actively leading complex problem and technical analysis walkthroughs

Experience completing complex problem analysis and resolution

Experience completing multiple shift schedules to support a 24x7 team

Experience acting as a surrogate team leader to assign, review, evaluate and prioritize team efforts

Education and Experience Preferred:

Bachelor's degree in an applicable discipline and 4 years' relevant work experience

Minimum of 8 years' relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations

Experience with the Bank's application development support software and hardware platforms

Experience introducing application development alternatives through an understanding of client area function and deliverable requirements for current and future-state planning

Extensive technical experience with mainframe, virtual and/or distributed computing environments

CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CRISC (Certified Risk and Information Systems Control) certification and one or more applicable Cybersecurity domain-related industry-recognized certification or concentration specialties

Experience with one or more programming languages, with a focus on scripting-oriented languages (e.g., Python, PowerShell, etc.)

Experience supporting multiple systems, tools and processes

Experience as a surrogate team leader to assign, review, evaluate, and prioritize team efforts

#Dice #security+ #cysa #CISSP #CISM #CISA

Location Buffalo, New York, United States of America

  • ID: #40919794
  • State: New York Buffalo 14201 Buffalo USA
  • City: Buffalo
  • Salary: USD TBD TBD
  • Job type: Permanent
  • Showed: 2022-05-15
  • Deadline: 2022-07-13
  • Category: Security