M&T Bank – Amherst, NY
Cybersecurity Threat Intelligence Analyst
Amherst, NY or Millsboro, DE
Function as a trusted member of the Cyber Security Operation Center (CSOC) team. Cybersecurity Threat Intelligence Analysts are responsible for the continuous collection, analysis and dissemination of threat intelligence. As a member of the Threat Intelligence Team, the Analyst will be embedded within the Cybersecurity Operations Center and provide intelligence and context to events. You will be required work closely with other infrastructure support teams, engineering staff and senior leaders across Cybersecurity and Technology.
Review multiple data sources for potential threats to M&T Bank.
Create Intelligence products that are both technical and strategic for multiple business units.
Provide threat intelligence to assist with continuous monitoring of the bank’s Cybersecurity services including characterizing and analyzing network traffic to identify anomalous activity and potential threats to network resources.
Collect and maintain data needed to meet system Cybersecurity reporting.
Collect intrusion artifacts and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
Perform static malware analysis when appropriate.
Perform file system forensic analysis.
Work with business units and technical functions to understand threat intelligence needs.
Continually assess intelligence needs and sources against requirements and the organizations future state.
Partner with the Fraud and Financial crimes unit to lower fraud losses relating to Cybersecurity threats.
Evaluate and understand complex interrelationships and effects among programs, interfacing applications and platforms.
Prepare charts, tables and diagrams to assist in analyzing cyber problems.
Analyze emerging trends.
Bachelor’s Degree or equivalent work experience.
Education and experience in information security, information technology mathematics, engineering, or a related discipline preferred.
Minimum five (5) years related industry experience in a regulated industry including experience in cybersecurity.
Exceptional written and verbal communication.
Ability to communicate with senior management, peers, internal and external auditors and examiners, business partners and other security related agencies as required.
Ability to research and report on security related topics using a variety of sources (ex: Internet, affiliate organizations, governmental agencies) and techniques.
Basic understanding of networking technologies (e.g., OSI Model).
Basic knowledge of threat intelligence processes and methodologies.
Working understanding of cybersecurity defensive and monitoring technologies (e.g., SIEM).
Working understanding of cybersecurity attack methodologies and threat actor motivation.
Advanced knowledge of defense in depth methodologies and Indicators of Compromise(IoCs).
High level of proficiency reading, analyzing, and writing threat assessments.
New York-Amherst-Commerce Drive
Administrative and Support Services