Lead Threat Intelligence Analyst
Wilmington, DE, United States
Full Time, Senior-level / Expert, USD 121K - 202K
M&T Bank
With a community bank approach, M&T Bank helps people reach their personal and business goals with banking, mortgage, loan and investment services.
This role offers a hybrid work schedule, with the flexibility to work remotely two days a week and the opportunity for in-person collaboration at our Wilmington, DE Tech Hub.
Overview: Responsible for in-depth analysis and interpretation of intelligence data to identify potential sophisticated threats to M&T Bank's security and emerging patterns. Leverages this information to develop mitigation plans to strengthen defenses, mitigate threats, and enhance security posture.
Primary Responsibilities:
- Conduct advanced, targeted intelligence collection, focusing on strategic implications and long-term trends.
- Analyze threat intelligence feeds from multiple sources, identify actionable intelligence, and guide key stakeholders on how to mitigate threats.
- Exchange intelligence with other organizations, information sharing groups, and industry groups to stay updated on the latest threats.
- Identify relationships and patterns within the data to connect seemingly unrelated pieces of information and uncover potential threats.
- Utilize advanced analytical techniques to comprehensively understand historical events and trends and recommend defense techniques to implement that protect the organization.
- Attribute observed activities to a specific threat actor or group based on known tactics, techniques, and procedures.
- Perform comprehensive and in-depth analysis of serious threats, providing detailed profiles and tactical responses.
- Employ basic predictive modeling techniques and threat actor analysis to forecast potential future threats.
- Track current events, technological advancements, and changes in the threat landscape to anticipate how attackers may change their tactics and provide guidance to cybersecurity teams on how to secure internal technologies, policies, and procedures.
- Actively partner with vendors to optimize threat intelligence products and/or drive resolution of complex support issues.
- Recommend development and improvements of threat intelligence platforms' rules, alerts, and correlation logic, and share with security engineering to strengthen the security and increase resiliency of the organization.
- Operate and optimize sophisticated threat management systems, implementing upgrades and ensuring system resilience.
- Partner with Cybersecurity and Technology teams on threat intelligence initiatives.
- Build intelligence briefings of security threats, analysis, responses, and procedures, and use them to debrief peer teams and senior Cybersecurity and Technology leadership.
- Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Promote an environment that supports belonging and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Scope of Responsibilities:
- Partners with peers, senior people leaders, and Cybersecurity team.
- Determines and develops approach to solutions. Work is evaluated upon completion to ensure objectives have been met. Work is accomplished with periodic check-ins for alignment and with limited direction.
- Exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
- Advanced knowledge of Open-Source Intelligence (OSINT) and social monitoring tools, Threat Intelligence Platforms (TIP), dark web and malware research tools, and threat reporting platforms. Working knowledge of more advanced threat intelligence capabilities.
Manager Responsibilities:
No supervisory responsibilities.
Education and Experience Required:
- Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience
- Minimum of 3 years' experience utilizing tools, techniques, and methodologies analyzing and mitigating cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation
- Intermediate understanding of cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation
Education and Experience Preferred:
- Industry recognized certification
- Technical experience with networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks.
- Experience evaluating, analyzing, and synthesizing large quantities of data which may be fragmented and contradictory; accurately determining the potential range and scope of threats; and contributing towards intelligence reporting.
- Comprehensive understanding of different types of threat actors, and advanced understanding of motivations and methodologies
- Understanding of what types of intelligence to disseminate to which stakeholders, and ability to adjust technical messaging effectively to varying stakeholders.
- Experience with advanced tools, techniques, and methodologies analyzing and mitigating cyber-attack stages, including payload delivery, persistence, lateral movement, data exfiltration, command and control, and traffic analysis.
- Intermediate understanding of advanced threat intelligence concepts, such as malware detection, sophisticated phishing, denial-of-service and distributed denial-of-service attacks, and insider threats
- Proficient level of thinking critically and solving problems
- Prior experience with and demonstrable aptitude for quickly learning new technical skills.
Tags: Malware Monitoring OSINT Threat intelligence
Perks/benefits: Competitive pay Team events