Lead Cybersecurity Automation Engineer

Overview:   

Responsible for designing and implementing large scale-scale security systems and solutions to develop or enhance new or existing security solutions, solving advanced complex problems or enhancements. Acts as knowledge resource for and trains less experienced engineers. Completes day-to-day support activities and special projects.

Primary Responsibilities:

• Design security systems or solutions with significant complexity and moderate risk, ensuring alignment with cybersecurity objectives and organizational needs.
• Configure and develop controls for security systems with significant complexity, to fortify system defenses and optimize performance of technologies.
• Lead testing efforts for systems and technology, coordinating with cross-functional teams and providing technical expertise in identifying and resolving issues.
• Manage deployment of security solutions for complex systems or technology, ensuring smooth integration with existing infrastructure and minimal disruption.
• Define and implement tuning methodologies for systems and technologies, using advanced analytical techniques to maximize efficiencies.
• Develop and implement automation and orchestration for complex systems to streamline security operations and response activities.
• Lead collaboration efforts with Cybersecurity and Technology teams to effectively implement and maintain security solutions for the organization.
• Lead improvement initiatives within Cybersecurity team, implementing best practices and optimizing processes to enhance security capabilities.
• Actively partner with vendor to optimize security products and/or drive resolution of complex support issues.
• Assist leadership with vendor relationships by maintaining when licenses need to be renewed, informing when hardware needs to be refreshed or new technologies should be considered.

• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
• Promote an environment that supports diversity and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Scope of Responsibilities:

• This role is used in one or more of the following cybersecurity function:
  • Data Loss Prevention Engineering – designs and implements strategies and technologies to prevent unauthorized access, transmission, or leakage of data within and outside of the Bank's network and systems.
  • Detection Engineering – develops and deploys systems and processes to identify and respond to cybersecurity threats and incidents in real-time, aiming to minimize the impact of security events.
  • Identity and Access Engineering – develops and manages the architecture, automation, and control mechanisms for provisioning of least privilege access for employees and contractors to internal and 3rd party systems, applications, and data sources.
  • Security & Network Infrastructure – designs and implements secure network architecture, protocols, and technologies to protect data in transit, prevent unauthorized access, and detect and mitigate network-based attacks.  Architects, maintains, and optimizes the tools and capabilities leveraged by cyber security to achieve organizational objectives.
  • Protection Engineering – designs and implements security strategies, systems, policies, and procedures that proactively protect against cybersecurity threats and malicious activities targeting the Bank's systems and assets.
  • Cloud Engineering – designs and implements the security of the organization’s cloud computing environment to protect against cybersecurity threats and malicious activities.
• Partners primarily with individual contributors and leaders within Cybersecurity and Technology, occasionally senior leaders within Cybersecurity
• Exercises judgement in selecting methods, techniques, and criteria in executing objectives. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
• Advanced ability to use multiple Cybersecurity tools, specific to function.

Manager Responsibilities:

No supervisory responsibilities.

Education and Experience Required:

• Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience

Education and Experience Preferred:

• Advanced understanding of the security system development and infrastructure lifecycle and architecture, and systems design
• Proven experience with the development and customization of tools utilized in assigned Cybersecurity function
• Demonstrated ability to translate architecture into technical requirements
• Proficient level of critical thinking and problem solving ability
• Excellent communication and interpersonal skills
• Experience partnering with leaders to design solutions to business needs.
• Proficient persuasive communication skills to gain buy-in of others
• Strong ability to analyze and draw reliable conclusions based on large volumes of quantitative data from diverse sources
• Ability effectively serves in indirect leadership role

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $110,635.01 - $184,391.68 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

LocationBuffalo, New York, United States of America