Senior Cybersecurity Engineer - Offensive Security Operations
Buffalo, NY, United States
Full Time Senior-level / Expert USD 93K - 155K
M&T Bank
With a community bank approach, M&T Bank helps people reach their personal and business goals with banking, mortgage, loan and investment services.This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Buffalo, NY Tech Hub.
Overview:Responsible for designing and implementing medium-scale security systems and solutions to develop or enhance new or existing security solutions, solving moderate to complex problems or enhancements. Completes day-to-day support activities and special projects.
Primary Responsibilities:
- Design, build, and maintain scalable, secure, and resilient infrastructure to support offensive security operations, including red team, purple team and penetration testing team activities.
- Develop and manage custom command-and-control (C2) infrastructure, redirectors, payload hosting environments, and covert communication channels.
- Automate deployment and teardown of offensive tooling and infrastructure
- Collaborate with red and purple teams to integrate new TTPs, payload delivery techniques, and evasion strategies into infrastructure and tooling.
- Act as a subject matter expert in offensive infrastructure engineering, advising on architecture, scalability, and OPSEC best practices.
- Research, evaluate, and implement new offensive security frameworks and capabilities while maintaining version control and documentation.
- Partner with Cybersecurity and Technology teams on security solutions implementations and maintenance
- Proactively recommend process enhancements and implements prioritized improvements within Cybersecurity team.
- Engage with vendor for routine security products or solutions support.
- Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Scope of Responsibilities:
- Partners primarily with individual contributors and leaders within Cybersecurity and Technology, and occasionally senior leaders within Cybersecurity.
- Determines and develops approach to solutions. Work is accomplished with periodic check-ins for alignment and limited direction. Work is evaluated upon completion to ensure objectives have been met.
- Proficient ability to use multiple Cybersecurity tools, specific to function..
Education and Experience Required:
- Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience
Education and Experience Preferred:
- Intermediate understanding of the security system development and infrastructure lifecycle and architecture, and systems design
- Proven experience with the tools utilized in assigned Cybersecurity function
- Experience translating architecture into technical requirements.
- Proficient level of critical thinking and problem solving
- Excellent written and verbal communication skills
- Proven experience collaborating with leaders to execute results.
- Prior experience seeking buy-in of others to align on processes.
- Ability to analyze and draw conclusions based on quantitative data from multiple sources.
Job stats:
0
0
0
Categories:
Incident Response Jobs
Security Engineering Jobs
Tags: Offensive security Pentesting Red team TTPs
Perks/benefits: Competitive pay
Region:
North America
Country:
United States
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.
Information Security Specialist jobsInformation System Security Officer jobsSenior Security Analyst jobsSenior Cloud Security Engineer jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsSystems Engineer jobsInformation Security Manager jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsCyber Security Specialist jobsIT Security Engineer jobsIT Security Analyst jobsChief Information Security Officer jobsSecurity Specialist jobsSecurity Consultant jobsInformation System Security Officer (ISSO) jobsInformation Systems Security Engineer jobsSenior Cyber Security Engineer jobsCyber Threat Intelligence Analyst jobsSenior Product Security Engineer jobsSenior Information Security Engineer jobsCyber Security Architect jobsThreat Intelligence Analyst jobsSenior Software Engineer jobs
Java jobsEncryption jobsBash jobsTS/SCI jobsEDR jobsIDS jobsThreat detection jobsSQL jobsIPS jobsSplunk jobsMalware jobsTerraform jobsSDLC jobsTop Secret jobsSOC 2 jobsFinance jobsForensics jobsDocker jobsRMF jobsIntrusion detection jobsCompTIA jobsActive Directory jobsGIAC jobsITIL jobsOWASP jobs
VPN jobsData Analytics jobsDoDD 8570 jobsHIPAA jobsOSCP jobsAnsible jobsIT infrastructure jobsTCP/IP jobsCRISC jobsSAP jobsUNIX jobsCCSP jobsBanking jobsSANS jobsSOAR jobsClearance Required jobsMITRE ATT&CK jobsSOX jobsJavaScript jobsMachine Learning jobsSecurity strategy jobsZero Trust jobsDNS jobsJira jobsNIST 800-53 jobs