Senior Cybersecurity Engineer - Offensive Security Operations
Buffalo, NY, United States
Full Time Senior-level / Expert USD 93K - 155K
M&T Bank
With a community bank approach, M&T Bank helps people reach their personal and business goals with banking, mortgage, loan and investment services.This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.
Overview:Responsible for designing and implementing medium-scale security systems and solutions to develop or enhance new or existing security solutions, solving moderate to complex problems or enhancements. Completes day-to-day support activities and special projects.
Primary Responsibilities:
- Design, build, and maintain scalable, secure, and resilient infrastructure to support offensive security operations, including red team, purple team and penetration testing team activities.
- Develop and manage custom command-and-control (C2) infrastructure, redirectors, payload hosting environments, and covert communication channels.
- Automate deployment and teardown of offensive tooling and infrastructure
- Collaborate with red and purple teams to integrate new TTPs, payload delivery techniques, and evasion strategies into infrastructure and tooling.
- Act as a subject matter expert in offensive infrastructure engineering, advising on architecture, scalability, and OPSEC best practices.
- Research, evaluate, and implement new offensive security frameworks and capabilities while maintaining version control and documentation.
- Partner with Cybersecurity and Technology teams on security solutions implementations and maintenance
- Proactively recommend process enhancements and implements prioritized improvements within Cybersecurity team.
- Engage with vendor for routine security products or solutions support.
- Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Scope of Responsibilities:
- Partners primarily with individual contributors and leaders within Cybersecurity and Technology, and occasionally senior leaders within Cybersecurity.
- Determines and develops approach to solutions. Work is accomplished with periodic check-ins for alignment and limited direction. Work is evaluated upon completion to ensure objectives have been met.
- Proficient ability to use multiple Cybersecurity tools, specific to function..
Education and Experience Required:
- Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience
Education and Experience Preferred:
- Intermediate understanding of the security system development and infrastructure lifecycle and architecture, and systems design
- Proven experience with the tools utilized in assigned Cybersecurity function
- Experience translating architecture into technical requirements.
- Proficient level of critical thinking and problem solving
- Excellent written and verbal communication skills
- Proven experience collaborating with leaders to execute results.
- Prior experience seeking buy-in of others to align on processes.
- Ability to analyze and draw conclusions based on quantitative data from multiple sources.
Job stats:
0
0
0
Categories:
Incident Response Jobs
Security Engineering Jobs
Tags: Offensive security Pentesting Red team TTPs
Perks/benefits: Competitive pay
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Senior Security Analyst jobsInformation System Security Officer jobsProduct Security Engineer jobsSenior Cybersecurity Engineer jobsSenior Cloud Security Engineer jobsSystems Engineer jobsSenior Information Security Analyst jobsSystems Administrator jobsInformation Security Manager jobsSenior Network Security Engineer jobsIT Security Engineer jobsCyber Security Specialist jobsChief Information Security Officer jobsIT Security Analyst jobsSecurity Specialist jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior Cyber Security Engineer jobsSenior Information Security Engineer jobsThreat Intelligence Analyst jobsSecurity Operations Analyst jobsSenior Product Security Engineer jobsCyber Security Architect jobs
GDPR jobsEncryption jobsSaaS jobsBash jobsEDR jobsSplunk jobsThreat detection jobsSQL jobsTop Secret jobsMalware jobsIDS jobsFinance jobsRMF jobsSDLC jobsForensics jobsIPS jobsTerraform jobsDocker jobsITIL jobsIntrusion detection jobsCompTIA jobsActive Directory jobsDoDD 8570 jobsOWASP jobsSOC 2 jobs
CRISC jobsSAP jobsGIAC jobsAnsible jobsUNIX jobsHIPAA jobsSANS jobsCCSP jobsVPN jobsTCP/IP jobsJira jobsIT infrastructure jobsOSCP jobsSOAR jobsMITRE ATT&CK jobsJavaScript jobsBanking jobsSOX jobsMachine Learning jobsClearance Required jobsData Analytics jobsDNS jobsNIST 800-53 jobsVMware jobsIndustrial jobs