Lead Cybersecurity Incident Response Analyst

Lead Cybersecurity Incident Response Analyst

Requirements

• Bachelor’s degree and a minimum of 5 years’ relevant work experience, inclusive of 2 years’ Cybersecurity incident response work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience, including a minimum of 5 years’ relevant work experience, inclusive of a minimum of 2 years’ Cybersecurity incident response work experience
• Advanced understanding of multiple Cybersecurity platforms, applications, and tools within team
• Prior experience remaining composed and solving problems in high stress situations

Responsibilities

• Lead the response to complex cyber incidents, coordinating across threat intelligence, detection, and engineering teams – establishing relationships with business and technology leaders throughout the enterprise.
• Develop and refine incident response playbooks and automation strategies.
• Mentor junior analysts and contribute to the continuous improvement of detection and response capabilities.
• Collaborate with cross-functional teams to ensure alignment with enterprise risk and compliance frameworks.
• Consult on various aspects and impacts of technical threats to risk and business partners.
• Determine root cause, scope of impact, and identify novel indicators of compromise or attack patterns of cybersecurity incidents through in-depth analysis and forensic investigation of incidents.
• Contribute to refining and updating incident response plans based on lessons learned from previous incidents and industry best practices, ensuring they align with regulatory requirements.
• Identify and recommend proactive measures to prevent future incidents, such as implementing security controls, making recommendations to technical security training, and assessing risk based on technical controls and potential impact.
• Suggest avenues to advance investigation steps during an incident, contributing to effective and swift resolution of incident.
• Partner with appropriate stakeholders to implement effective measures to contain and neutralize threats during incidents.
• Lead interdepartmental teams to apply lessons learned to proactively implement measures that prevent future incidents.
• Maintain detailed incident logs, including analysis and response activities, to support post-incident reviews, compliance requirements, and continuous improvement efforts and provide a reference for the future.
• Provide clear and concise updates to stakeholders and management teams, including executive summaries, impact assessments, and recommendations for ongoing improvements to the incident response process.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
• Promote an environment that supports belonging and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Preferred Qualifications

• Excellent verbal and written communication skills
• Excellent interpersonal skills
• Experience partnering with leaders to design solutions to business needs
• Ability to influence incident response efforts inside and outside of Technology by leveraging project management principles, setting clear expectations, and escalating when appropriate
• Ability to gain buy-in, related to incident response, of teams across the Bank through communicating priorities and risk
• Prior experience prioritizing and delivering results across changing priorities and quickly changing landscape based on business and technology needs