M&T Bank - Buffalo, NY

posted 4 months ago

Full-time - Mid Level
Buffalo, NY
Credit Intermediation and Related Activities

About the position

The Cybersecurity Threat Detection Engineer plays a crucial role in safeguarding the organization's information and information systems by assisting with the design, delivery, and maintenance of robust threat detection capabilities. This position involves utilizing advanced threat analytic systems to enhance the organization's detection strategy. The engineer will be responsible for developing and maintaining threat detection rules, alerts, and use cases, ensuring that the organization can effectively respond to potential threats. In this role, the engineer will leverage Risk Based Analytics to prioritize and manage security events based on risk scores, which will enhance the effectiveness and accuracy of threat detection and response. Continuous evaluation and improvement of the Security Information and Event Management (SIEM) system will be a key responsibility, including tuning existing rules and integrating new data sources to improve performance. The engineer will also need to stay informed about the dynamic threat landscape and utilize advanced capabilities to detect complex multi-stage attack scenarios. Adherence to the company's risk and regulatory standards is essential, and the engineer will be expected to identify risk-related issues that require escalation to management. Promoting a diverse work environment that reflects the M&T Bank brand is also a priority. Additionally, the engineer will support the maintenance of internal control standards and ensure timely implementation of audit points and issues raised by external regulators. Other related duties may be assigned as necessary.

Responsibilities

  • Assist with the design, development and maintenance of threat detection rules, alerts and use cases to support the organization's detection strategy
  • Leverage Risk Based Analytics to prioritize and manage security events based on risk scores to enhance effectiveness and accuracy of threat detection and response
  • Continuously evaluate and improve the performance and efficacy of the SIEM by tuning existing rules and integrating new data sources
  • Leverage expert knowledge of the dynamic threat landscape to detect advanced multi-stage attack scenarios
  • Understand and adhere to the Company's risk and regulatory standards, policies and controls in accordance with the Company's Risk Appetite
  • Identify risk-related issues needing escalation to management
  • Promote an environment that supports diversity and reflects the M&T Bank brand
  • Provide support for the maintenance of M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable
  • Complete other related duties as assigned

Requirements

  • Associate's degree and a minimum of 3 years' relevant work experience, OR in lieu of a degree, a combined minimum of 5 years' higher education and/or work experience, including a minimum of relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing, and Security Operations
  • Understanding of the System Development Life Cycle (SDLC), networking concepts and protocols, and network security methodologies
  • Capable of researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning
  • Technical experience with mainframe, distributed computing environments, and network security architecture concepts including topology, protocols, components, and principles
  • Prior experience in performing complex problem analysis and problem resolution across multiple disciplines
  • Prior experience with and demonstrable aptitude for quickly learning new technical skills and supporting multiple systems, tools, and processes
  • Technical experience with Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), attack methodologies and traffic flows for threats and vulnerabilities
  • Detailed technical knowledge of Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)

Nice-to-haves

  • Bachelor's degree in an applicable discipline
  • Experience introducing application development alternatives through an understanding of client area function and deliverable requirements for current and future-state planning
  • Technical experience with SIEM technologies and detection capabilities
  • Experience developing detection capabilities using SPL, KQL or Machine Learning models
  • Splunk certification (e.g., Splunk Certified Power User, Splunk Certified Admin, etc.)
  • Experience supporting multiple systems, tools and processes

Benefits

  • Competitive salary range of $93,581.10 - $155,968.51 Annual (USD)
  • Hybrid work schedule with flexibility to work remotely two days a week
  • Opportunities for in-person collaboration at the Buffalo, NY Tech Hub
  • Support for diversity and inclusion in the workplace