Career Search

Threat Intelligence Analyst II - 3DLE2 in Amherst, NY at M&T Bank

Date Posted: 11/19/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    Amherst, NY
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    11/19/2018
  • Job ID:
    3DLE2

Job Description

M&T Bank

Threat Intelligence Analyst II

Amherst, NY

Alternate location: Millsboro, DE

 

Function:
Supports development, implementation, and execution of various Cybersecurity threat intelligence initiatives, systems, and processes.   Maintains in-depth knowledge of intelligence collection methods, technical analysis and dissemination of threat intelligence.  Maintains an understanding of technical concepts required to properly analyze and assess impact of Cybersecurity threats.  Assists in creating threat reports for new and emerging threats to the Bank, and reviewing threat reports before dissemination.
Responsibilities:
Characterize and analyze threat intelligence data to identify potential cyber related-information that could impact the Bank.
Support development, implementation and execution of various threat-intelligence initiatives, systems and processes.
Work with more experienced team members to provide guidance, testing plans, and/or analysis reporting to be used within the team and Cybersecurity to ensure conformance to established compliance, regulatory, best practice, and risk management programs.
Identify potential threats, review with more experienced team members, and disseminate information to applicable parties in accordance with standardized dissemination processes.
Coordinate with more experienced team members and Operations, Technology, and business unit personnel in an auditing, analysis, and outreach capacity.
Support functions, systems, and processes critical to the Corporation's ability to identify, investigate, minimize and defend against cybersecurity threats.
Interact with various internal and external audit, regulatory, privacy, and/or compliance personnel as needed.
Interact with outside teams and external professional organizations supporting areas of expertise as needed.
Assist with documenting and communicating proposed new approaches, methods, technologies, or breakthroughs in area of expertise.
Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite.  Identify risk-related issues needing escalation to management.
Promote an environment that supports diversity and reflects the M&T Bank brand.
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
Complete other related duties as assigned.
Nature & Scope:
This position works under general supervision while being afforded opportunity to exercise independent judgment and discretion.  This requires the position to interact regularly with non-management, middle management, certain senior management, and business units and partners.
Required Qualifications:
Associate’s degree and a minimum of 3 years’ relevant work experience in three or more of these Cybersecurity domains:  Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations, or in lieu of a degree, a combined minimum of 5 years’ higher education and/or work experience, including a minimum of 3 years’ relevant work experience in three or more of these Cybersecurity domains:  Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations
Prior experience completing complex problem analysis and problem resolution
Prior experience quickly learning new technical skills
Understanding of tactics and capabilities for advanced cyber attacks
Knowledge of common networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks
Knowledge of evaluating, analyzing, and synthesizing large quantities of data (which may be fragmented and contradictory) and accurately determining the potential range and scope of threats
Must be a US Citizen and eligible to obtain a US Government Security Clearance
Preferred Qualifications:
Understanding of different types of threat actors, and basic understanding of motivations and methodologies
Understanding of what types of intelligence a Cybersecurity Operations Center and the Financial Crimes team(s) would benefit from receiving and how it can be operationalized.
Knowledge of tools, techniques, and methodologies analyzing and mitigating cyber attack stages, including: reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation.
Technical understanding of common networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks.
Detailed knowledge of evaluating, analyzing, and synthesizing large quantities of data (which may be fragmented and contradictory) and accurately determining the potential range and scope of threats and contributing towards intelligence reporting.
Understanding of basic threat intelligence concepts, such as collection, analysis and dissemination.
GSEC, CYSA, or platform-specific or Cybersecurity domain-related industry-recognized certification.
M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer. M&T Bank Corporation does not sponsor individuals for the purpose of obtaining H-1 Visas. M&T Bank Corporation has policies and procedures in place to promote a drug free workplace.