Lead Threat Hunter
Wilmington, DE, United States
Full Time Senior-level / Expert USD 121K - 202K
M&T Bank
With a community bank approach, M&T Bank helps people reach their personal and business goals with banking, mortgage, loan and investment services.
This role offers a hybrid work schedule, with the flexibility to work remotely two days a week while providing the opportunity for in-person collaboration at our Wilmington, DE Tech Hub.
Overview: Responsible for the development of new or existing Cybersecurity advanced threat programs and initiatives; establishing and maintaining relationships with key internal and external stakeholders; and informing the organization's proactive defense posture.
Primary Responsibilities:
- Develop nuanced hypotheses about potential cyber threats by conducting in-depth analysis, integrating threat intelligence, and considering broader contextual factors.
- Research advanced hunting initiatives, utilizing a wide range of intelligence sources to ensure a comprehensive view of the threat landscape.
- Guide in-depth analysis efforts, utilizing advanced threat tools and extensive threat intelligence for a nuanced understanding of potential threats.
- Employ advanced techniques to uncover nuanced patterns and correlations in diverse data sets, enhancing threat identification capabilities.
- Strategize with appropriate teams to orchestrate sophisticated remediation plans that address current threats and mitigate future risk.
- Lead strategic collaboration efforts with Cybersecurity and Technology teams to stay ahead of adversaries and inform the organization's threat hunting strategy.
- Advise Cybersecurity Operations Center, engineering, and governance teams on modifications to systems, testing plans, or analysis reporting to ensure threat hunt findings are appropriately incorporated into technology, governance, and best practices.
- Lead improvement initiatives within Cybersecurity team, implementing best practices and optimizing processes to enhance security capabilities.
- Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Promote an environment that supports belonging and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Scope of Responsibilities:
- The position provides guidance and mentoring to less experienced team members.
- Engages in regular interaction with middle management and associated staff within Internal Audit, Compliance, Risk Management, and Technology.
- Exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results. Exerts significant latitude in determining the objective of the assignment. Work is accomplished with limited direction.
Manager Responsibilities:
No supervisory responsibilities.
Education and Experience Required:
- Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience, including a minimum of 5 years’ relevant work experience in two or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and/or Security Operations
- Understanding of the System Development Life Cycle (SDLC)
- Capable of researching and recommending Enterprise Information Security Architecture (EISA) and security strategy planning based on an understanding of client area function and deliverable requirements for current and future-state planning.
- Experience with tools, techniques, and methodologies analyzing and mitigating cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation.
- Prior experience completing complex problem analysis and problem resolution across multiple disciplines.
- Prior experience with and demonstrable aptitude for quickly learning new technical skills and supporting multiple systems, tools, and processes.
- Experience with tactics and capabilities for advanced threat actions.
- Experience actively leading complex problem and technical analysis walkthroughs.
- Technical experience with common networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks.
- Experience evaluating, analyzing, and synthesizing large quantities of data (which may be fragmented and contradictory) and accurately determining the potential range and scope of threats and assisting with development of high-quality intelligence reporting.
Education and Experience Preferred:
- Bachelor’s degree in an applicable discipline such as Cybersecurity, Computer Science, Forensics, Global Security and Intelligence, or related field
- Minimum of 6 years’ relevant work experience in two or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and/or Security Operations
- Detailed technical experience with common networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks.
- Industry recognized certification
Tags: Compliance Computer Science Forensics Governance IAM Network security Risk management SDLC Security strategy Strategy Threat intelligence
Perks/benefits: Competitive pay