This site uses cookies. To find out more, see our Cookies Policy

Career Search

Cybersecurity Infrastructure Defense Specialist in Amherst, NY at M&T Bank

Date Posted: 12/2/2018

Job Snapshot

Job Description

M&T Bank

Cybersecurity Infrastructure Defense Specialist

Amherst, NY

Alternate location: Millsboro, DE

Provides designs, specifies information systems solutions and highly technical direction in the development of new or existing programs to solve basic to complex problems or enhancements.
Acts as a principal application designer for major modifications effectively using analytical skills, technical skills, available technology and tools in the evaluation of client requirements and processes. Provides solutions that are technologically sound. May perform day to day support activities and special projects. Often directs and monitors the activities of junior staff.

Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources, and provide recommendations for proactive recommendations to maintain or improve security posture.
Support development, implementation, and execution of various operational risk and compliance related initiatives, systems, and processes.
Provide centralized governance, compliance, and risk management expertise to M&T Bank Corporation business lines, support functions and managers concerning information security and privacy regulatory compliance and/or risk management and Information Technology and Bank Operations on all applicable information security and privacy regulations concerning financial institutions.
With collaboration from senior team members, provide guidance, testing plans, and/or survey documents to be used by all business units to ensure conformance to established compliance, regulatory, best practice, and risk management programs.
Identify potential conformance issues, review with supervisor or senior professionals, and provide to functional areas requiring improvements.
Responsible for extensive contact with operations, technology, and business unit personnel in a training and auditing capacity.
Support functions, systems, and processes critical to the corporation's ability to meet regulatory, legal, and risk mitigation requirements and to reduce the risk of fine/penalties resulting from non-compliance that would impact profitability.
Interact with various internal and external audit/regulatory examination personnel.
Assist with replies to questionnaires sent to the bank and follows up on questions or comments to external agencies when required.
Operate under supervision of the Team Leader and provides guidance and mentoring to junior team members.
Responsible for regular interaction with middle management, supervisors, and associated staff, Internal Audit, Compliance, Risk Management, the Corporate Information Security Officer (CISO), Chief Counsel's Office (CCO), and/or other technology personnel, clients, and vendors.
Interact, coordinate, and oversee initiatives with internal and outside teams and external professional organizations supporting areas of expertise.
Assist with documenting and communicating proposed new approaches, methods, technologies, or breakthroughs in area of expertise and coordinates efforts with junior team members to ensure accuracy and timeliness.
Represent information security as a technical representative and Subject Matter Expert (SME) for governance, compliance, and risk management function on committees, ad-hoc projects, etc. as assigned.
Work independently on all high-level systems analysis and technical phases of development.
Oversee and coordinate activities of other Cybersecurity Network Defense team members on projects ranging in scope from small to large, may lead project activities.
Monitor staff performance on assigned projects with regard to their overall abilities and effectiveness in completing projects within schedules.
Provide backup to the Team Leader, as may be required.
Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.

Required Qualifications:
Associates degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 5 years’ higher education and or work experience, including a minimum of relevant work experience in two (2) or more of the following Cybersecurity domains: a. Security and Risk Management; b. Asset Security; c. Security Engineering; d. Communication and Network Security; e. Identity and Access Management; f. Security Testing; and, g. Security Operations
Understanding of the System Development Life Cycle (SDLC), networking concepts and protocols, and network security methodologies
Capable of researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning
Technical experience with mainframe, distributed computing environments, and network security architecture concepts including topology, protocols, components, and principles
Prior experience in performing complex problem analysis and problem resolution across multiple disciplines
Prior experience with and demonstrable aptitude for quickly learning new technical skills and supporting multiple systems, tools, and processes
Technical experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), attack methodologies and traffic flows for threats and vulnerabilities
Detailed technical knowledge of Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

Preferred Qualifications:
Bachelor’s degree and a minimum of 2 years’ in Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations, or in lieu of a degree, a combined minimum of 6 years’ higher education and/or work experience, including a minimum of 2 years’ in Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations
Experience with M&T's application development support software and hardware platforms and ability to introduce application development alternatives through an understanding of client area function and deliverable requirements for current and future-state planning
Detailed technical experience with mainframe, virtual, and/or distributed computing environments
CISSP, CISM, or CRISC certification or Cybersecurity domain-related industry-recognized certification
Ability to act as a surrogate team leader to assign, review, evaluate and prioritize team efforts

We encourage candidates with relevant military experience to apply.

About M&T

At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. So when looking to advance your career, look to M&T.  As a top 20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance based career development opportunities for talented professionals. And through our longstanding tradition of careful, conservative and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.

M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer. M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas. M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.