Buffalo, NY, USA
Cybersecurity Data Loss Prevention Analyst II
Overview:   

Ensures the integrity and resilience of the organization's security and information systems through the identification and investigation of potential threats through detailed analysis on Cybersecurity monitoring tools.

Primary Responsibilities:

- Characterize and analyze network traffic using techniques such as log analysis, multi-source analysis, and contextual analysis, to identify anomalous activity and potential threats to network resources.
- Complete static malware, threat, and log analysis in coordination with past incident analysis data and/or current threat analysis.
- Suggest opportunities for tuning of rules and alerts for security systems and tools that will improve detection capabilities and reduce false positives.
- Immediately escalate suspected imminent or hostile intentions or activities that could impact the organization's objectives, resources, or capabilities to manager and/or specialist.
- Maintain comprehensive documentation and logs of security threats, analysis, responses, and procedures in incident tracking and solution database in a manner that can be understood by a non-technical person.
- Assist in development of technical documents, incident reports, findings and use cases from intrusion artifacts, log summaries and other discovered data to the team and team leader(s).
- Provide recommendations to refine policies and procedures based on findings from internal incident data.
- Collaborate with peers on team to determine next steps for identified potential threats and suspected incidents by analyzing the event history, status, and potential impact and sharing findings with specialist/manager.
- Actively seek out opportunities for professional growth and make recommendations for improving or new security practices, tools, and techniques.
- Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.

Scope of Responsibilities:

- Partners with manager and peers.
- Follows Standard Operation Procedures while performing advanced analysis of security events. Work is closely managed and reviewed for accuracy and quality.
- Intermediate knowledge of all network, user, and end-point monitoring tools.
- Advanced understanding of 1 or more network, user, or end-point monitoring tools.
- Train analysts to basic-level knowledge of network, user, and end-point monitoring tools.

Manager Responsibilities:

No supervisory responsibilities.

Education and Experience Required:

- Associate's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 5 years’ higher education and/or relevant work experience.
- Experience conducting analysis of security logs, network traffic, and endpoint data to identify indicators of compromise and potential security incidents.
- Intermediate understanding of cybersecurity principles, such as real-time monitoring, escalation procedures, documentation and reporting, and tool optimization.
- Strong written and verbal communication skills.
- Ability to effectively communicate technical information to peers and manager, including writing clear and concise incident reports.
- Able to work professionally with peers across the organization.
- Experience training analysts on how to use security monitoring systems.

Education and Experience Preferred:

- Basic Cybersecurity certifications (e.g., Security+, Network+).
- Prior experience working in a highly regulated industry (e.g., finance, healthcare, government).
- Intermediate knowledge of the general organizational processes.
- Intermediate knowledge of digital evidence preservation concepts.
- Basic understanding of security orchestration, automation, and response.
- Intermediate proficiency with security information and event management tools.
- Basic ability to use anti-virus software and endpoint detection and response tools.
- Intermediate ability to use open-source intelligence concepts.
- Basic knowledge of network packet analyzers.
- Basic knowledge of threat intelligence concepts.
- Basic ability to collect artifacts and document incidents.
- Basic knowledge of scripting languages.
- Basic ability to logically identify and analyze protection opportunities in data loss prevention and cloud access security broker tools.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $32.19 - $53.65 Hourly (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location: Buffalo, New York, United States of America