Senior Cybersecurity Engineer - Offensive Security Operations

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.

Overview:   

Responsible for designing and implementing medium-scale security systems and solutions to develop or enhance new or existing security solutions, solving moderate to complex problems or enhancements. Completes day-to-day support activities and special projects.

Primary Responsibilities:

• Design, build, and maintain scalable, secure, and resilient infrastructure to support offensive security operations, including red team, purple team and penetration testing team activities.
• Develop and manage custom command-and-control (C2) infrastructure, redirectors, payload hosting environments, and covert communication channels.
• Automate deployment and teardown of offensive tooling and infrastructure
• Collaborate with red and purple teams to integrate new TTPs, payload delivery techniques, and evasion strategies into infrastructure and tooling.
• Act as a subject matter expert in offensive infrastructure engineering, advising on architecture, scalability, and OPSEC best practices.
• Research, evaluate, and implement new offensive security frameworks and capabilities while maintaining version control and documentation.
• Partner with Cybersecurity and Technology teams on security solutions implementations and maintenance
• Proactively recommend process enhancements and implements prioritized improvements within Cybersecurity team.
• Engage with vendor for routine security products or solutions support.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
• Promote an environment that supports diversity and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Scope of Responsibilities:

• Partners primarily with individual contributors and leaders within Cybersecurity and Technology, and occasionally senior leaders within Cybersecurity.
• Determines and develops approach to solutions. Work is accomplished with periodic check-ins for alignment and limited direction. Work is evaluated upon completion to ensure objectives have been met.
• Proficient ability to use multiple Cybersecurity tools, specific to function..

Education and Experience Required:

• Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience

Education and Experience Preferred:

• Intermediate understanding of the security system development and infrastructure lifecycle and architecture, and systems design
• Proven experience with the tools utilized in assigned Cybersecurity function
• Experience translating architecture into technical requirements.
• Proficient level of critical thinking and problem solving
• Excellent written and verbal communication skills
• Proven experience collaborating with leaders to execute results.
• Prior experience seeking buy-in of others to align on processes.
• Ability to analyze and draw conclusions based on quantitative data from multiple sources.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $93,581.10 - $155,968.51 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

LocationBuffalo, New York, United States of America