$80,900–$134,800 Per Year
Analysis Skills, CISSP - Certified Information Systems Security Professional, Campaigns, CompTIA Security+, Computer Security, Data Analysis, Data Collection, Documentation, Establish Priorities, External Audit, GCIA - GIAC Certified Intrusion Analyst, Government, Higher Education, Identify Issues, Incident Response, Intelligence Gathering, Internal Audit, Internet Security, Malware, Malware Analysis, Network Protocols, Network Routing, Network Support, OSINT (Open Source Intelligence), Phishing, Policy Development, Problem Solving Skills, Ransomware, Regulations, Risk, Risk Analysis, Risk Management, Root Cause Analysis, Routing Protocols, Security Attacks, Time Management, Training Data Sets, Vendor/Supplier Selection
Overview:
Responsible for supporting threat intelligence data collection, alert triage, investigation, and the documentation of analysis and findings to minimize and defend the organization against cybersecurity threats. This role has a strong emphasis on researching third-party cybersecurity incidents, identifying relevant vulnerabilities, malware, and technical indicators, and ensuring actionable intelligence is communicated to the appropriate cybersecurity teams.
Primary Responsibilities:
- Apply knowledge of data collection tools and methodologies to independently gather foundational intelligence data and determine the relevance and importance of the intelligence to the Bank's cybersecurity posture.
- Research third-party security incidents, breaches, and emerging cyber threats to identify vulnerabilities, malware, threat actor activity, and other relevant intelligence that may impact the organization.
- Monitor threat intelligence feeds provided by vendors, government agencies, and industry groups to remain current on the latest threats, determine relevance to the Bank, and report findings to senior analysts and stakeholders for further review and action.
- Analyze and tag threat intelligence data to identify cyber-related information that could impact the Bank, including indicators of compromise (IOCs), indicators of attack (IOAs), malware activity, exploited vulnerabilities, and threat actor tactics, techniques, and procedures (TTPs).
- Demonstrate proficiency in identifying and interpreting technical indicators and determining which cybersecurity teams should be informed and engaged based on the nature of the indicators and associated risk.
- Organize and structure collected intelligence into standardized formats to facilitate effective analysis, sharing, and operational use across cybersecurity functions.
- Analyze historical threat data and patterns to anticipate future threats and contribute insight to proactive defense measures.
- Identify common tactics, techniques, and procedures used by threat actors through correlation of observed activities with known threat behaviors and frameworks.
- Conduct initial analysis of threats by compiling, sorting, and contextualizing data to support the broader intelligence lifecycle.
- Monitor current events, cybersecurity incidents, and technological advancements, and summarize relevant TTPs, vulnerabilities, and threat trends for cybersecurity teams to incorporate into internal controls, policies, and procedures.
- Collaborate with Cybersecurity Operations, Incident Response, Vulnerability Management, Fraud, and other stakeholders to ensure appropriate threat intelligence is received, prioritized, and shared.
- Report insights gleaned from threat intelligence monitoring and participate in intelligence-sharing initiatives with peer organizations, information-sharing groups, and industry partners.
- Collect and provide relevant data to troubleshoot vendor issues and identify root causes.
- Suggest opportunities for configuration, tuning, and integration of threat intelligence platform rules and alerts to improve threat intelligence capabilities and reduce false positives.
- Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Promote an environment that supports belonging and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators, as applicable.
- Complete other related duties as assigned.
Scope of Responsibilities:
- Partners with peers, manager, and Cybersecurity team.
- Leverages established directions, policies, and guidelines to accomplish work. Work is reviewed for accuracy and overall quality.
- Basic understanding of Open-Source Intelligence (OSINT) and social monitoring tools, Threat Intelligence Platform (TIP)
Education and Experience Required:
- Bachelor's degree and a minimum of 2 years' relevant work experience, or in lieu of a degree, a combined minimum of 6 years' higher education and/or work experience
- Knowledge of tools, techniques, and methodologies analyzing and mitigating cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation.
- Basic understanding of cyber threat intelligence principles, indicators of compromise (IOCs), indicators of attack (IOAs), malware analysis concepts, and vulnerability management.Ability to evaluate threat information and communicate relevant technical indicators to appropriate cybersecurity stakeholders.
Education and Experience Preferred:
- Industry-recognized cybersecurity certification (Security+, CySA+, GCTI, GCIA, CISSP, or similar).
- Experience researching cyber incidents and third-party breaches to identify vulnerabilities, malware activity, indicators of compromise, and emerging threats.
- Knowledge of common networking and routing protocols, services, architectures, and designs supporting modern communication networks.
- Experience evaluating, analyzing, and synthesizing large quantities of data that may be fragmented, incomplete, or contradictory.
- Understanding of different types of threat actors and their motivations, objectives, and methodologies.
- Understanding of intelligence requirements for Cybersecurity Operations Centers (SOCs), Incident Response, Vulnerability Management, and Financial Crimes teams.
- Understanding of threat intelligence concepts, including malware and ransomware activity, phishing campaigns, insider threats, and exploitation of vulnerabilities.
- Strong critical thinking, analytical, and problem-solving skills.
- Ability to quickly learn new technologies and technical skills.
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $80,900.00 - $134,800.00 Annual (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.
Location
Buffalo, New York, United States of America