Cybersecurity Threat Detection Engineer

The Bank sponsors individuals for TN and H-1B transfers on a case by case basis. Please note that this position is not open to anyone on an F-1 student visa including those eligible for CPT / OPT or the Stem OPT extension.

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview :

Assist with the design, delivery and maintenance of robust threat detection capabilities using advanced threat analytic systems to safeguard the organization's information and information systems.

May complete daily support activities and special projects. Often directs and monitors the activities of less experienced staff.

Coordinates with Cybersecurity teams, stakeholders and leadership to provide framework, design, threat, posture analysis and reporting.

Primary Responsibilities :

• Assist with with the design, development and maintenance of threat detection rules, alerts and use cases to support the organization's detection strategy
• Leverage Risk Based Analytics to prioritize and manage security events based on risk scores to enhance effectiveness and accuracy of threat detection and response.
• Continuously evaluate and improve the performance and efficacy of the SIEM by tuning existing rules and integrating new data sources.
• Leveraging expert knowledge of the dynamic threat landscape, leverage advanced capabilities to detect advanced multi-stage attack scenarios.
• Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite.

Identify risk-related issues needing escalation to management.

• Promote an environment that supports diversity and reflects the M&T Bank brand.
• Provide support for the maintenece of M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Education and Experience Required :

Associates degree and a minimum of 3 years' relevant work experience,

OR in lieu of a degree,

A combined minimum of 5 years' higher education and or work experience, including a minimum of relevant work experience in two (2) or more of the following Cybersecurity domains : a.

Security and Risk Management; b. Asset Security; c. Security Engineering; d. Communication and Network Security; e. Identity and Access Management;

f. Security Testing; and, g. Security Operations

Understanding of the System Development Life Cycle (SDLC), networking concepts and protocols, and network security methodologies

Capable of researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning

Technical experience with mainframe, distributed computing environments, and network security architecture concepts including topology, protocols, components, and principles

Prior experience in performing complex problem analysis and problem resolution across multiple disciplines

Prior experience with and demonstrable aptitude for quickly learning new technical skills and supporting multiple systems, tools, and processes

Technical experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), attack methodologies and traffic flows for threats and vulnerabilities

Detailed technical knowledge of Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

Education and Experience Preferred :

Bachelor's degree in an applicable discipline

Experience introducing application development alternatives through an understanding of client area function and deliverable requirements for current and future-state planning

Technical experience with SIEM technologies and detection capabilities

Experience developing detection capabilities using SPL, KQL or Machine Learning models

Splunk certification (e.g., Splunk Certified Power User, Splunk Certified Admin, etc)

Experience supporting multiple systems, tools and processes

LI-JB3 #Hybrid

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $93,581.

10 - $155,968.51 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America