Career Search

Cyber Defense Analyst (Evening Shift) - 3DIUW in Amherst, NY at M&T Bank

Date Posted: 9/30/2018

Job Snapshot

  • Employee Type:
  • Location:
    Amherst, NY
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
  • Job ID:

Job Description

M&T Bank

Cyber Defense Analyst /Full-time/Night shift

Amherst, NY 


Evening Shift - 7pm-7:30am

3 days a week only (three 12.5 hr shifts)

Must be able to work every Saturday

The Cyber Defense Analyst uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur within the network in order to protect information, information systems, and networks from threats.  This analyst is expected to work the evening shift from 7pm-7am.
This role recognizes corollary or potentially-related events to identify trends and impacts to the organization's security posture and proactively mitigates associated risks.  Additional functions include:

Providing detailed reports, Standard Operating Procedures, and documentation related to identified events and/or new processes to the team and various members of Cybersecurity.

Participates in the development, implementation, and execution of various operational risk and compliance related initiatives, systems, and processes.

Participates in providing centralized governance, compliance, and risk management expertise to M&T Bank Corporation business lines, support functions and managers concerning information security and privacy regulatory compliance and Information Technology and Bank Operations on all applicable information security and privacy regulations concerning financial institutions.

With collaboration from senior team members, provides guidance, testing plans, and/or survey documents to be used by all business units to ensure conformance to established compliance, regulatory, best practice, and risk management programs.

Identifies potential conformance issues, reviews with supervisor or senior professionals, develops any appropriate solution recommendations, and provides to respective functional areas.


Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.

Capture and analyze system and event logs associated with malicious activities using security monitoring tools.

Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber incidents within the enterprise.

Conduct research, analysis, and correlation across a wide variety of all source data sets including indications and warnings.

Maintain a good understanding of the function and content of information security policies, standards, procedures, and practices as well as the threats, risks and vulnerabilities at a functional level.

Conduct periodic information security policy, standards, regulatory, and governance compliance reviews and testing and/or risk assessments throughout the organization and in accordance with the business plan.

Provide knowledgeable support to business unit constituents in the completion of self-assessments and in understanding how governance and compliance regulations are achieved, documented, monitored, and tested.

Assist more junior team members in developing, maintaining, and executing documented testing plans for applicable policy, standards, regulations, and laws pertaining to information security.

Assist with portions of the bank-wide information security program.

Assist constituents in understanding exceptions and any recommended corrective actions.

Assist more junior staff in tracking implementation of corrective actions in client functional areas.

Lead related projects of medium to difficult complexity ensuring thorough project plans, attentive project tracking and reporting, and timely completion.

Provide development effort as required. Conduct training sessions and assist more junior staff in preparing for presentations and training sessions.

Ensure thorough validation of current and/or new policy, standards, regulatory, and compliance requirements.

Design and/or modify policy, standards, regulatory, and compliance control procedures.

Document procedures and disseminate to affected parties.

Participate in minimizing the Bank's exposure to potential regulatory and governance penalty assessments that might adversely affect the profitability of M&T Bank.

Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.

Adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.

Promote an environment that supports diversity and reflects the M&T Bank brand.

Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

Complete other related duties as assigned.



The position works under general supervision of the Cybersecurity Operations Manager while being afforded the opportunity to exercise independent judgment and discretion.

This position requires regular interaction with non-management, middle management, certain senior management, and business units and partners. It requires extensive contact with operations, technology, and business unit personnel in a training and auditing capacity.



Bachelor’s degree in Computer Science, Information Assurance, or related discipline. An equivalent combination of education and experience may be considered.

Three (3) years of experience in two (2) or more of these Cybersecurity domains: a. Security and Risk Management; b. Asset Security; c. Security Engineering; d. Communication and Network Security; e. Identity and Access Management; f. Security Testing; and, g. Security Operations

The work shift for this position is 7pm-7:30am, 3 days a week

Understanding of the System Development Life Cycle (SDLC).

Knowledge of application development support software and hardware platforms.

Technical background in mainframe and/or distributed computing environments.

A demonstrable a high aptitude for complex problem analysis and resolution.

Ability to actively participate in technical analysis walkthroughs.

Capable of quickly learning new technical skills.


Demonstrated principled work practices and sound professional ethics.

General understanding of Bank systems and processes.

Ability to work well as a member of a team.

Ability to handle several activities simultaneously in an organized fashion.

Sound analytical abilities.

Sound problem-solving skills.

Demonstrable written and verbal communication skills.


Demonstrable familiarity with development and implementation of policies, standards, and procedures.

Self-motived, organized and ability to learn quickly, and work under time constraints.

Flexible and adaptable to change.

We encourage candidates with relevant military experience to apply.


About M&T
At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. When looking to advance your career, look to M&T.  As a top-20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance based career development opportunities for talented professionals.  Through our longstanding tradition of careful, conservative and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.
M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.