Lead Cybersecurity Engineer - Vulnerability

Place of work Buffalo
Contract type -
Start date -
Salary -

Job details

Job description, work day and responsibilities

Qualifications
The candidate will have strong technical expertise solving advanced complex problems or enhancements, a deep understanding of security frameworks, and a passion for protecting sensitive data from evolving threats, with a strong emphasis on vulnerability management, secure application testing, and automation
The ideal candidate will have extensive expertise in managing and deploying vulnerability scanning tools, including but not limited to Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), as well as a proven history of leading enterprise initiatives and mentoring junior engineers
The role also requires proficiency in scripting, programming, and automation to streamline security processes and improve efficiency
Advanced ability to use multiple Cybersecurity tools, specific to function
Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of + years’ higher education and/or work experience
In-depth knowledge and hands-on experience with vulnerability tools and technologies (e.g., Blackduck, Veracode, Qualsys, Rapid7, Checkmarx, Burp Suite, etc.)
Strong knowledge of DevSecOps practices and secure integration into CI/CD pipelines
Benefits
We Support Our Team Members With Generous Benefits
Competitive compensation
Health, welfare, and retirement benefits
401(k) match at 5%
Work-life balance and flexible work arrangements
Banking Officers start with 25 days PTO plus 12 paid holidays
40 hours paid volunteer hours per year
Much more
The pay range for this position is $110,635.01 - $184,3+1.68 Annual (USD)
The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation
Responsibilities
In this role, you will be responsible for designing, implementing, and enhancing our cybersecurity vulnerability platforms and risk posture across our large-scale infrastructure, applications and systems
You will work closely with other security engineers, product teams, and IT professionals to ensure the resilience and integrity of our environment
Evaluate, design, implement, and manage vulnerability scanning tools and automated processes to streamline detection and response workflows
Lead integrations of vulnerability scanning tools into the software development & lifecycle process, through collaboration with DevSecOps, IT, infrastructure and security teams, to ensure vulnerability management processes align with security best practices and organizational goals
Design security systems or solutions with significant complexity and moderate risk, ensuring alignment with cybersecurity objectives and organizational needs
Configure and develop controls for security systems with significant complexity, to fortify system defenses and optimize performance of technologies
Lead testing efforts for systems and technology, coordinating with cross-functional teams and providing technical expertise in identifying and resolving issues
Manage deployment of security solutions for complex systems or technology, ensuring smooth integration with existing infrastructure and minimal disruption
Define and implement tuning methodologies for systems and technologies, using advanced analytical techniques to maximize efficiencies
Develop and implement automation and orchestration for complex systems to streamline security operations and response activities
Lead collaboration efforts with Cybersecurity and Technology teams to effectively implement and maintain security solutions for the organization
Lead improvement initiatives within Cybersecurity team, implementing best practices and optimizing processes to enhance security capabilities
Actively partner with vendor to optimize security products and/or drive resolution of complex support issues
Assist leadership with vendor relationships by maintaining when licenses need to be renewed, informing when hardware needs to be refreshed or new technologies should be considered
Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite
Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis
Identify risk-related issues needing escalation to management
Promote an environment that supports diversity and reflects the M&T Bank brand
Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable
Complete other related duties as assigned
Designs and implements secure systems, technologies, policies and procedures to protect against cybersecurity threats and malicious activities
Architects, maintains, and optimizes the tools and capabilities leveraged by cyber security to achieve organizational objectives
Partners primarily with individual contributors and leaders within Cybersecurity and Technology, occasionally senior leaders within Cybersecurity
Exercises judgement in selecting methods, techniques, and criteria in executing objectives
Exerts significant latitude in determining objective of assignment
Work is accomplished with limited direction
Stays updated with the latest vulnerability management technologies, continuously monitoring and researching emerging threats and vulnerabilities in the cybersecurity landscape
Update security processes and tools accordingly to address new risks
Job description
This role offers a hybrid work schedule; offering the flexibility to work from home two days a week, while providing the opportunity for in-person collaboration.

At M&T Tech, we’re a team of makers, doers, and builders, working to create the most advanced technology solutions in banking. We’re not your stereotypical suit and tie bankers: we’re an innovative team of leading tech experts, pushing boundaries, and taking risks. We’re building an agile team of the most skilled and creative workers to solve complex problems, architect solutions, write high-performance software, and chart our new path, all to make the lives of our customers, and the communities that we serve, better. Join us and be part of something new as we build tomorrow’s bank, today.

Overview:

We are seeking a highly skilled and experienced Lead Cybersecurity Engineer to join our dynamic cybersecurity team. In this role, you will be responsible for designing, implementing, and enhancing our cybersecurity vulnerability platforms and risk posture across our large-scale infrastructure, applications and systems. You will work closely with other security engineers, product teams, and IT professionals to ensure the resilience and integrity of our environment. The candidate will have strong technical expertise solving advanced complex problems or enhancements, a deep understanding of security frameworks, and a passion for protecting sensitive data from evolving threats, with a strong emphasis on vulnerability management, secure application testing, and automation.

The ideal candidate will have extensive expertise in managing and deploying vulnerability scanning tools, including but not limited to Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST), as well as a proven history of leading enterprise initiatives and mentoring junior engineers. Experience working in regulated environments is strongly preferred. The role also requires proficiency in scripting, programming, and automation to streamline security processes and improve efficiency.

Primary Responsibilities:
• Evaluate, design, implement, and manage vulnerability scanning tools and automated processes to streamline detection and response workflows
• Lead integrations of vulnerability scanning tools into the software development & lifecycle process, through collaboration with DevSecOps, IT, infrastructure and security teams, to ensure vulnerability management processes align with security best practices and organizational goals
• Design security systems or solutions with significant complexity and moderate risk, ensuring alignment with cybersecurity objectives and organizational needs.
• Configure and develop controls for security systems with significant complexity, to fortify system defenses and optimize performance of technologies.
• Lead testing efforts for systems and technology, coordinating with cross-functional teams and providing technical expertise in identifying and resolving issues.
• Manage deployment of security solutions for complex systems or technology, ensuring smooth integration with existing infrastructure and minimal disruption.
• Define and implement tuning methodologies for systems and technologies, using advanced analytical techniques to maximize efficiencies.
• Develop and implement automation and orchestration for complex systems to streamline security operations and response activities.
• Lead collaboration efforts with Cybersecurity and Technology teams to effectively implement and maintain security solutions for the organization.
• Lead improvement initiatives within Cybersecurity team, implementing best practices and optimizing processes to enhance security capabilities.
• Actively partner with vendor to optimize security products and/or drive resolution of complex support issues.
• Assist leadership with vendor relationships by maintaining when licenses need to be renewed, informing when hardware needs to be refreshed or new technologies should be considered.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
• Promote an environment that supports diversity and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Scope of Responsibilities:
• Designs and implements secure systems, technologies, policies and procedures to protect against cybersecurity threats and malicious activities. Architects, maintains, and optimizes the tools and capabilities leveraged by cyber security to achieve organizational objectives.
• Partners primarily with individual contributors and leaders within Cybersecurity and Technology, occasionally senior leaders within Cybersecurity
• Exercises judgement in selecting methods, techniques, and criteria in executing objectives. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
• Advanced ability to use multiple Cybersecurity tools, specific to function.
• Stays updated with the latest vulnerability management technologies, continuously monitoring and researching emerging threats and vulnerabilities in the cybersecurity landscape. Update security processes and tools accordingly to address new risks.

Manager Responsibilities:

No supervisory responsibilities.

Education and Experience Required:
• Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of + years’ higher education and/or work experience
• In-depth knowledge and hands-on experience with vulnerability tools and technologies (e.g., Blackduck, Veracode, Qualsys, Rapid7, Checkmarx, Burp Suite, etc.)
• Strong knowledge of DevSecOps practices and secure integration into CI/CD pipelines.

Education and Experience Preferred:
• Proficiency in scripting and automation (e.g., Python, PowerShell, bash, Java, or similar).
• Experience with container security and cloud security tools (e.g., Docker, Kubernetes, AWS, Azure).
• Relevant certifications (e.g., CISSP, SSCP, CompTIA Security+, AWS Certified Security Specialty, Azure Security Engineer, or similar cybersecurity certifications) are a plus.
• Experience with security frameworks (e.g., NIST, CIS, OWASP)
• Advanced understanding of the security system development and infrastructure lifecycle and architecture, and systems design
• Proven experience with the development and customization of tools utilized in assigned Cybersecurity function
• Demonstrated ability to translate architecture into technical requirements
• Proficient level of critical thinking and problem solving ability
• Excellent communication and interpersonal skills
• Experience partnering with leaders to design solutions to business needs.
• Proficient persuasive communication skills to gain buy-in of others
• Strong ability to analyze and draw reliable conclusions based on large volumes of quantitative data from diverse sources
• Ability effectively serves in indirect leadership role

We Support Our Team Members With Generous Benefits.
• Competitive compensation
• Health, welfare, and retirement benefits
• 401(k) match at 5%
• Work-life balance and flexible work arrangements
• Banking Officers start with 25 days PTO plus 12 paid holidays
• 40 hours paid volunteer hours per year
• Much more. For details, see: M&T Benefits Overview

About M&T

M&T Bank is a Top 20 US bank holding company and one of the best performing and financial stable regional banks in the country, we offer our technology employees a wide range of performance-based career development opportunities. We have a strong commitment to our customers and the communities we serve, and we continue to grow with a focus on the future. So, when looking to advance your career, look to M&T. Grow with us.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $110,635.01 - $184,3+1.68 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Buffalo, New York, United States of America

Company address

United States
New York
Buffalo
Show on map Get directions
Company Name: M&T Bank
You will be redirected to another website to apply.
Offer ID: #1022149, Published: 2 weeks ago, Company registered: 7 months ago

Other offers

Accountants
1747login
· Chichester, GB
Company Description Circular Accountants is an ICAEW registered firm based in Chichester, supporting service-based companies focused on sustainability to manage their finances effectively. The firm is a Xero Bronze partn...
Financial Accountant
1747login
· Winnersh, GB
Job Description Summary BD is currently hiring for the position of Financial Accountant. You will be a member of the UK local finance team & Entity Finance COE (EFCOE) team. This is a key compliance role as part of t...
Head of Accountancy Services - Permanent - Hybrid working - Job Ref: 25015
1747login
· Poole, GB
Job Title: Head of Accountancy Services Salary: £50K to £70K (DOE) with bonus structure Role Type: Permanent Location: Poole / Hybrid Job Ref: 25015 Our client is a forward-thinking, client-focused accountancy firm that ...
Accounts Payable Accountant
1747login
· Aberdeen, GB
Borr Drilling are recruiting for an Accounts Payable Accountant to join our Europe Africa Team on a Fixed Term basis for approximately 8 months. The Accountants Payable (AP) accountant will be responsible for providing a...
Interim Year End Accountant
1747login
· Greater London, GB
Your New Company A listed business based in London is looking for an interim accountant to have ownership of all statutory reporting during the year-end and their audit. Your new role • Compile the annual statutory accou...
Accountant
1747login
· Coventry, GB
Our Values In line with our One Coventry Values, we want to ensure that our communities are represented across our workforce. A vital part of this is ensuring we are a truly inclusive organisation that encourages diversi...
Income and Reporting Accountant
1747login
· Glasgow, GB
Introduction Join us at Gallagher Re, the trailblazers of the reinsurance world, where every day brings new opportunities to shape the future. We empower our clients with cutting-edge analytics and insights, providing th...
Group Accountant Financial Services Watford £80,000 plus bonus 20%
1747login
· Watford, GB
Group Accountant Financial Services Watford £80,000 plus bonus 20% This is a role which might suit someone seeking a move from practice into financial Services in a senior role. Especially someone who had considered Fund...
Assistant Governance Accountant
1747login
· East Preston, GB
Job Title: Assistant Governance Accountant Location: Preston. We offer a range of hybrid and flexible working arrangements – please speak to your recruiter about the options for this particular role. Salary: £38,000 per ...
Lecturer or Senior Lecturer in Accounting
1747login
· Egham, GB
Department of Accounting and Financial Management Location Egham Salary Please see advert Post Type Full Time Closing Date Monday 10 March 2025 Reference 0225-043 Right to work: Applications from job seekers who require ...
Accounts Assistant
1747login
· Old Warden, GB
Alexander Steele Recruitment continues to work with a global food manufacturer with significant growth that shows no signs of slowing down. As a result, the business is looking to appoint an Accounts Assistant at their H...
Junior Accounts Assistant
1747login
· Rotherham, GB
FULL TIME JUNIOR ACCOUNTS ASSISTANT ROLE ROTHERHAM - salary circa £20-25K A fast growing group of companies based in Rotherham are recruiting for an accounts assistant to enhance the finance team. They are a close-knit t...
Carbon Accountant
1747login
· Edinburgh, GB
This placement offers a valuable opportunity to apply academic knowledge in a real-world sustainability context, gaining hands-on experience in emissions reporting and environmental performance analysis. • Closing date: ...
Accounts Assistant
1747login
· Saffron Walden, GB
Due to expansion, our client is looking for a part-time Accounts Assistant to join their growing business. This is an exciting opportunity to join a successful and vibrant firm where you will get the chance to work in a ...
Bookkeeper/Accounts
1747login
· Wetherby, GB
Bookkeeper Salary: £30,000 FTE dependent on skills and experience Wetherby, LS22 (free parking) Full Time, Permanent Monday – Friday office based About us Moulds & Co is a trusted accountancy and business advisory fi...