Senior SOC Analyst

at M&T Bank in Millsboro, Delaware, United States

Job Description

This position will sit in Buffalo, NY or Millsboro, DE.

Overview:

At M&T, we strive to be the best place our employees ever work, the best bank our customers ever do business with and the best investment our shareholders ever make. So when looking to advance your career, look to M&T. As a top 20 US bank holding company and one of the best performing regional banks in the country, we offer a wide range of performance-based career development opportunities for talented professionals. And through our longstanding tradition of careful, conservative and consistent management and a strong commitment to the communities we serve, we continue to grow with a focus on the future.

M&T Bank’s Cybersecurity Operations Center provides 24×7×365 cyber monitoring for the enterprise. It is the first line for all monitoring and defensive activities, simultaneously serving as a hub and coordinator for critical events. The Senior SOC Analyst will monitor industry-standard tools, including SIEM, IPS/IDS, user behavioral analytics, and endpoint detection and response (EDR), among others, to maintain M&T Bank’s security posture. Events will be analyzed and correlated to identify trends, impacts, and potential compromises for escalation and remediation. The Analyst will also be asked to act as an event coordinator for routine and critical incident calls, linking areas throughout Cybersecurity to mitigate potential or realized threats.

Primary Responsibilities:

+ Characterize and analyze network traffic to identify anomalous activity and potential threats to network resources.

+ Capture and analyze system and event logs associated with malicious activities using security monitoring tools.

+ Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.

+ Complete static malware, threat and log analysis in coordination with past incident analysis data and/or current or emerging threat analysis.

+ Conduct research, analysis and correlation across all source data sets including indications and warnings.

+ Analyze incident data for security events, identify emerging trends, and identify possible causes.

+ Maintain incident tracking and solution database and provide recommendations for training, tuning and optimization of processes.

+ Notify designated managers, cyber incident responders and appropriate stakeholders of suspected cyber incidents and articulate the event’s history, status and potential impact for further action in accordance with the organization’s cyber incident response plan.

+ Conduct independent analysis of log files, evidence and other information to determine best methods for identifying the perpetrator(s) of a network intrusion or other crimes in coordination with appropriate persons, teams, and stakeholders.

+ Provide timely notice of imminent or hostile intentions or activities impacting organization objectives, resources or capabilities.

+ Provide daily summary reports of network events and activity relevant to cyber defense practices as part of shift turnover activities.

+ Follow Cybersecurity SOPs and assist in creation, development and validation of current or new SOPs.

+ Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.

+ Promote an environment that supports diversity and reflects the M&T Bank brand.

+ Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

+ Holiday, night, and/or weekend work may be required on either an occasional or regular basis.

+ Complete other related duties as assigned.

Education and Experience Required:

+ Associate's degree in an applicable discipline and a minimum of 2 years’ relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations, or in lieu of a degree, a combined minimum of 4 years’ higher education and/or work experience, including a minimum of 2 years’ relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations

+ Understanding of System Development Life Cycle (SDLC)

+ Detailed knowledge of application development support software and hardware platforms

+ Technical understanding of mainframe and/or distributed computing environments

+ Prior experience completing complex problem analysis and problem resolution

+ Prior experience quickly learning new technical skills and supporting systems, tools and processes

+ Experience with active participation in technical analysis walkthroughs

Education and Experience Preferred:

+ Bachelor’s degree in an applicable discipline

+ Minimum of 4 years’ relevant work experience in two (2) or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations

+ Knowledge of the Bank’s application development support software and hardware platforms

+ Experience researching and recommending application development support software and hardware platforms through an understanding of client area function and deliverable requirements for current and future-state planning

+ Technical experience with mainframe, virtual and/or distributed computing environments

+ Experience completing complex problem analysis and problem resolution

+ Knowledge of programming language syntax, with a focus on scripting-oriented languages (e.g., Python, PowerShell, etc.)

+ CYSA (Cybersecurity Analyst+ Certification) certification or applicable Cybersecurity domain-related industry-recognized certification

Location

Amherst, New York, United States of America

Job Posting: JC193229575

Posted On: Sep 25, 2021

Updated On: Oct 01, 2021