Lead Database Scanning Specialist
$93,581 - $155,969/Yr
M&T Bank - Buffalo, NY
posted 20 days ago
Full-time - Senior
Buffalo, NY
Credit Intermediation and Related Activities
About the position
The Lead Database Scanning Specialist at M&T Bank is responsible for conducting detailed analyses of vulnerabilities within the organization's security and information systems. This senior-level role involves auditing analyses and reports, training less-experienced analysts, and leading the implementation of new methodologies for vulnerability scanning. The position offers a hybrid work schedule, allowing for remote work two days a week while facilitating in-person collaboration at the Buffalo, NY Tech Hub.
Responsibilities
- Refine testing methodologies for vulnerability scanning to provide a comprehensive risk-based view of potential vulnerabilities.
- Create configuration scanning plans to ensure compliance with internal policies and best practices; lead configuration scanning of systems and networks.
- Organize monitoring techniques to monitor database activities and performance, managing responses to detected issues with cross-functional teams.
- Lead analysis of active and network vulnerability scans to identify potential exploits, misconfigurations, and attacks; partner with cross-functional teams to execute remediation plans.
- Develop vulnerability management policies and standards in partnership with technology and risk teams, educating technology teams on integration into infrastructure development.
- Design infrastructure testing frameworks to ensure alignment with policies and standards during technology development and deployment.
- Formulate and recommend advanced best practices to technology teams for improving or implementing new security practices, tools, and techniques.
- Produce and interpret advanced reporting with recommendations for cybersecurity and technology leadership, including audit reports and regulatory datasets.
- Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite.
- Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis.
- Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points.
Requirements
- Bachelor's degree and a minimum of 3 years' relevant work experience, or a combined minimum of 7 years' higher education and/or work experience in lieu of a degree.
- Excellent written and verbal communication skills.
- Strong ability to effectively communicate technical information to both non-technical and technical stakeholders, including senior leadership in Cybersecurity.
- Experience effectively collaborating with leadership and peers across the organization.
- Prior experience with and demonstrable aptitude for quickly learning new technical skills.
Nice-to-haves
- Advanced certifications such as CISSP, CISM, GIAC, OSCP, or other cybersecurity-related certifications.
- Demonstrated experience working in a highly regulated industry (e.g., finance, healthcare, government).
- Experience evaluating, analyzing, and synthesizing large quantities of data for intelligence reporting.
- Proficient critical thinking and problem-solving skills.
- Intermediate understanding of advanced vulnerability concepts and practices.
Benefits
- Hybrid work schedule with remote work flexibility.
- Competitive salary range of $93,581.10 - $155,968.51 annually.
