Cybersecurity Operations Defense Analyst III - 3DL81 in Millsboro, DE at M&T Bank

Date Posted: 10/2/2018

Job Description

M&T Bank
Cyber Operations Defense Analyst III - Night shift - Weekend shift
Location: Millsboro, DE
Alternate Location: Amherst, NY
Job Function
  • Uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur within the network in order to protect information, information systems, and networks from threats.
  • Recognizes corollary or potentially-related events to identify trends and impacts to the organization's security posture and proactively mitigates associated risks.  Provides detailed reports, Standard Operating Procedures, and documentation related to identified events and/or new processes.
Position Responsibilities
  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Capture and analyze system and event logs associated with malicious activities using security monitoring tools.
  • Collect intrusion artifacts (e.g., source code, malware, trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Perform static malware, threat, and log analysis in coordination with past incident analysis data and/or current or emerging threat analysis.
  • Conduct research, analysis, and correlation across a wide variety of all source data sets including indications and warnings.
  • Analyze incident data for security events and identify emerging trends and possible causes.
  • Maintain the incident tracking and solution database and provide recommendations for training, tuning, and optimization of processes.
  • Notify designated managers, cyber incident responders, and appropriate stakeholders of suspected cyber incidents and articulate the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
  • Conduct independent analysis of log files, evidence, and other information in order to determine best methods for identifying the perpetrator(s) of a network intrusion or other crimes in coordination with appropriate persons, teams, and stakeholders.
  • Provide timely notice of imminent or hostile intentions or activities which may impact organization objectives, resources, or capabilities.
  • Provide daily summary reports of network events and activity relevant to cyber defense practices as part of shift turnover activities.
  • Follow Cybersecurity Standard Operating Procedures (SOPs) and assist in the creation, development, and validation of current or new SOPs.
  • [For individual contributors] Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite.  Identify risk-related issues needing escalation to management.
  • Promote an environment that supports diversity and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Minimum Qualifications
  • Associate's degree in an applicable discipline and three (3) years of relevant work experience.
    • In lieu of a degree, five (5) years of relevant work experience in two (2) or more of the following Cybersecurity domains:  a. Security and Risk Management; b. Asset Security; c. Security Engineering; d. Communication and Network Security; e. Identity and Access Management; f. Security Testing; and, g. Security Operations.
  • Understanding of the System Development Life Cycle (SDLC).
  • Detailed knowledge of application development support software and hardware platforms.
  • Technical understanding of mainframe and/or distributed computing environments.
  • Prior experience with performing complex problem analysis and problem resolution.
  • Prior experience with quickly learning new technical skills and supporting systems, tools, and processes.
  • Experience with active participation in technical analysis walkthroughs.
Preferred Qualifications
  • Bachelor's degree in an applicable discipline and one (1) year of relevant work experience in two (2) or more of the following Cybersecurity domains:  a. Security and Risk Management; b. Asset Security; c. Security Engineering; d. Communication and Network Security; e. Identity and Access Management; f. Security Testing; and, g. Security Operations.
  • Knowledge of M&T's application development support software and hardware platforms and capable of researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning.
  • Technical experience with mainframe, virtual, and/or distributed computing environments.
  • Experience in performing complex problem analysis and problem resolution.
  • Knowledge of programming language syntax, with a focus on scripting-oriented languages (e.g., Python, PowerShell).
  • CYSA certification or applicable Cybersecurity domain-related industry-recognized certification.
  • Ability to complete all shift work to support 24x7 team.
M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer.
M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas.
M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.