Cybersecurity Operations Specialist

Posted 6 Days Ago
Buffalo, NY
79K-132K Annually
Mid level
Other
The Role
The Cybersecurity Operations Specialist is responsible for ensuring the security of the organization's information systems by identifying potential threats and responding to security incidents. This role involves analyzing network traffic, conducting threat analysis, collaborating with incident response teams, and maintaining documentation of security events.
Summary Generated by Built In

This role offers a hybrid work schedule, with the flexibility to work remotely two days a week and the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview:  

Ensures the integrity and resilience of the organization's security and information systems through the identification and investigation of potential threats using complex analysis on Cybersecurity monitoring tools and responds to confirmed security threats.

Primary Responsibilities:

  • Characterize and analyze complex network traffic using analysis techniques such as contextual analysis, anomaly detection, and network traffic analysis, to identify anomalous activity and potential threats to network resources and provide proactive recommendations to maintain or improve security posture.
  • Complete dynamic malware, threat, and log analysis in coordination with past incident analysis data and/or current or emerging threat analysis and provide recommended remediation efforts.
  • Identify opportunities for tuning and development of rules, alerts, and correlation logic for security systems and tools to share with security engineering that will strengthen the security of the organization.
  • Immediately partner with incident response team when identifying suspected imminent or hostile intentions or activities that could impact the organization's objectives, resources, or capabilities.
  • Maintains comprehensive documentation and logs of security threats, analysis, responses, and procedures in incident tracking and solution database that can be utilized to debrief senior Cybersecurity leadership.
  • Assist in development of technical documents, incident reports, findings and use cases from intrusion artifacts, log summaries and other discovered data to the team and team leader(s).
  • Collaborate with cybersecurity teams and governance team to regularly review and refine policies and procedures, utilizing insight from internal incident data and emerging threats.
  • Actively engage in cross-functional collaboration with manager, specialists, and incident response team to review and determine next steps for identified potential threat and suspected incidents.
  • Actively seeks out opportunities for professional growth and utilizes emerging threat trends to inform recommendations for new security practices, tools, and techniques.
  • Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
  • Perform QA related activities for CSOC analysts to monitor accuracy, completeness, and adherence to established workflows and procedures.
  • Maintains comprehensive documentation on training efforts and works to further CSOC maturity by conducting onboarding training, as well as other various training programs to foster a continuous improvement environment.
  • Promote an environment that supports diversity and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
  • Complete other related duties as assigned.

Scope of Responsibilities:

  • Partners with manager, peers, and incident response team.
  • Leverages Standard Operation Procedures to perform advanced analysis of security events. Work is reviewed for accuracy and overall quality.
  • Intermediate knowledge of all networks, user, and end-point monitoring tools.
  • Advanced understanding of multiple network, user, or end-point monitoring tools.
  • Train analyst to intermediate level knowledge of network, user, and end-point monitoring tools.
  • Second highest individual contributor escalation point in team.

Education and Experience Required:

  • Partners with manager, peers, and incident response team.
  • Leverages Standard Operation Procedures to perform advanced analysis of security events. Work is reviewed for accuracy and overall quality.
  • Intermediate knowledge of all networks, user, and end-point monitoring tools.
  • Advanced understanding of multiple network, user, or end-point monitoring tools.
  • Train analyst to intermediate level knowledge of network, user, and end-point monitoring tools.
  • Second highest individual contributor escalation point in team.

Education and Experience Preferred:

  • Intermediate Cybersecurity certifications (e.g., CySA+, CEH)
  • Prior experience working in a highly regulated industry (e.g., finance, healthcare, government)
  • Intermediate knowledge of digital evidence preservation concepts
  • Basic understanding of security orchestration, automation, and response
  • Intermediate proficiency with security information and event management tools
  • Intermediate ability to use anti-virus software and endpoint detection and response tools
  • Advanced ability to use open-source intelligence concepts
  • Basic ability to use network packet analyzers
  • Basic knowledge of threat intelligence concepts
  • Intermediate ability to collect artifacts and document incidents
  • Basic knowledge of scripting languages
  • Intermediate ability to logically identify and analyze protection opportunities in data loss prevention and cloud access security broker tools

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $79,157.68 - $131,929.47 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location: Buffalo, New York, United States of America

Top Skills

Network Traffic Analysis
The Company
HQ: Spring, TX
10,001 Employees
On-site Workplace

What We Do

Waste Connections, Inc. is an integrated solid waste services company that provides waste collection, transfer, disposal and recycling services in mostly exclusive and secondary markets in the U.S. and Canada. Through its R360 Environmental Solutions subsidiary, the Company is also a leading provider of non-hazardous oilfield waste treatment, recovery and disposal services in several of the most active natural resource producing areas in the United States, including the Permian, Bakken and Eagle Ford Basins. Waste Connections serves more than six million residential, commercial, industrial, and exploration and production customers from a network of operations in 39 states, six provinces and the District of Columbia. The Company also provides intermodal services for the movement of cargo and solid waste containers in the Pacific Northwest.

Our corporate strategy targets secondary and suburban markets that have strong demographic growth trends and where competitive barriers to entry can be developed. We seek to avoid highly competitive, large urban markets and target markets where we can provide either non-integrated or integrated solid waste services under exclusive arrangements, or markets where we can be integrated and attain high market share. We are a leading provider of solid waste services in most of our markets, and approximately 50% of our revenues are derived from market areas where we have franchise or exclusive rights to provide our waste services.
