M&T Bank - Clanton, AL

posted about 2 months ago

Full-time - Mid Level
Clanton, AL
1,001-5,000 employees
Credit Intermediation and Related Activities

About the position

The Cybersecurity Operations Defense Analyst III position at M&T Bank is a critical role focused on protecting the organization's information systems and networks from various cyber threats. The analyst will utilize defensive measures and information gathered from multiple sources to identify, analyze, and report events occurring within the network. This role is essential in recognizing related events to identify trends and impacts on the organization's security posture, allowing for proactive risk mitigation. The analyst will be responsible for providing detailed reports, Standard Operating Procedures (SOPs), and documentation related to identified events and new processes.
In this position, the analyst will characterize and analyze network traffic to identify anomalous activities and potential threats to network resources. They will capture and analyze system and event logs associated with malicious activities using security monitoring tools. The role involves collecting intrusion artifacts and utilizing discovered data to enable the mitigation of potential cyber defense incidents within the enterprise. The analyst will also conduct static malware, threat, and log analysis in coordination with past incident analysis data and current or emerging threat analysis.
The analyst will be expected to conduct research, analysis, and correlation across all source data sets, including indications and warnings. They will analyze incident data for security events, identify emerging trends, and determine possible causes. Maintaining an incident tracking and solution database is crucial, along with providing recommendations for training, tuning, and optimization of processes. The analyst will notify designated managers and cyber incident responders of suspected cyber incidents, articulating the event's history, status, and potential impact for further action in accordance with the organization's cyber incident response plan.
Additionally, the analyst will conduct independent analysis of log files and other information to identify the best methods for determining the perpetrator(s) of a network intrusion or other crimes. They will provide timely notice of imminent or hostile intentions impacting organizational objectives and resources. Daily summary reports of network events and activities relevant to cyber defense practices will be part of the shift turnover activities. The analyst will follow Cybersecurity SOPs and assist in the creation, development, and validation of current or new SOPs, while adhering to the company's risk and regulatory standards, policies, and controls. The role also involves identifying risk-related issues needing escalation to management and promoting an environment that supports diversity and reflects the M&T Bank brand.

Responsibilities

  • Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.
  • Capture and analyze system and event logs associated with malicious activities using security monitoring tools.
  • Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Complete static malware, threat and log analysis in coordination with past incident analysis data and/or current or emerging threat analysis.
  • Conduct research, analysis and correlation across all source data sets including indications and warnings.
  • Analyze incident data for security events, identify emerging trends and determine possible causes.
  • Maintain incident tracking and solution database and provide recommendations for training, tuning and optimization of processes.
  • Notify designated managers, cyber incident responders and appropriate stakeholders of suspected cyber incidents and articulate the event's history, status and potential impact for further action in accordance with the organization's cyber incident response plan.
  • Conduct independent analysis of log files, evidence and other information to determine best methods for identifying the perpetrator(s) of a network intrusion or other crimes in coordination with appropriate persons, teams, and stakeholders.
  • Provide timely notice of imminent or hostile intentions or activities impacting organization objectives, resources or capabilities.
  • Provide daily summary reports of network events and activity relevant to cyber defense practices as part of shift turnover activities.
  • Follow Cybersecurity SOPs and assist in creation, development and validation of current or new SOPs.
  • Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite.
  • Identify risk-related issues needing escalation to management.
  • Promote an environment that supports diversity and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
  • Complete other related duties as assigned.

Requirements

  • Associate's degree in an applicable discipline and a minimum of 2 years' relevant work experience in two (2) or more Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations.
  • Understanding of System Development Life Cycle (SDLC).
  • Detailed knowledge of application development support software and hardware platforms.
  • Technical understanding of mainframe and/or distributed computing environments.
  • Prior experience completing complex problem analysis and problem resolution.
  • Prior experience quickly learning new technical skills and supporting systems, tools and processes.
  • Experience with active participation in technical analysis walkthroughs.

Nice-to-haves

  • Bachelor's degree in an applicable discipline.
  • Minimum of 4 years' relevant work experience in two (2) or more Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations.
  • Knowledge of the Bank's application development support software and hardware platforms.
  • Experience researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning.
  • Technical experience with mainframe, virtual and/or distributed computing environments.
  • Experience completing complex problem analysis and problem resolution.
  • Knowledge of programming language syntax, with a focus on scripting-oriented languages (e.g., Python, PowerShell, etc.).
  • CySA+ (Cybersecurity Analyst+) certification or applicable Cybersecurity domain-related industry-recognized certification.
  • Ability to complete all shift work to support 24x7 team.