Attack Surface Management - Cyber Senior Manager
This position requires relocation to Buffalo, NY or Wilmington, DE.
This position will follow a hybrid work environment with 3 days onsite and 2 days work from home.
About Us:
M&T Bank is the 10th largest US national bank with a strong commitment to technological advancement and ensuring the utmost security for our customers' financial assets.
As part of our ongoing technology transformation, we are modernizing our entire vulnerability management program to fortify our defenses against emerging cyber threats.
We are seeking a dynamic and visionary leader to spearhead our Attack Surface Management strategy and drive impactful outcomes across the bank.
Role Overview:
As the Senior Vice President of Attack Surface Management at M&T Bank, you will play a pivotal role in leading the operations, growth, and enhancement of our threat intelligence, vulnerability management and application security domains.
Reporting directly to the Chief Information Security Officer or Director, Cloud Security and Architecture, you will provide strategic technical leadership, fostering a culture of operational excellence among the teams you lead.
This role is integral to our technology transformation journey, ensuring the security posture of our bank-wide infrastructure and applications.
Key
Responsibilities:
Develop a comprehensive vision, strategy, and roadmap for Attack Surface Management at M&T Bank building a comprehensive program tailored to the banking environment.
Lead and mentor a team of engineers, analysts, and technical program managers, nurturing their growth and empowering them to excel in their respective domains.
Serve as the subject matter expert on the broader threat landscape within the banking industry, collaborating with internal and external partners to identify emerging trends and potential risks.
Champion the importance of Attack Surface Management throughout the organization, providing actionable insights and recommendations to drive continuous improvement in our security posture.
Ensure the continuous operation of core capabilities including threat identification and monitoring, vulnerability lifecycle management, critical vulnerability triage, risk reporting, and consultation on mitigation techniques relevant to M&T Bank.
Deliver insightful security threat metrics and trend reporting to inform decision-making at all levels of the organization.
Attract, develop, and retain top technical talent, fostering a culture of innovation and excellence within the Attack Surface Management team.
Communicate effectively with all levels of organizational leadership, conveying complex technical concepts in a clear and concise manner.
Minimum Required QualificationBachelor's degree and a minimum of 9 years' cybersecurity domain experience, or in lieu of a degree, a combined minimum of 13 years' higher education and/or work experience, including a minimum of 9 years' cybersecurity experience.
Minimum of 9 years of experience in the cybersecurity domain, with a deep understanding of attacker tactics, techniques, and procedures specific to the financial sector.
At least 5 years of technical supervisory or management experience, demonstrating the ability to lead and inspire cross-functional teams including management experience within Cybersecurity.
Proficiency in understanding a comprehensive array of security tools including intrusion detection systems, firewalls, SIEM, EDR, web proxies, and network scanning technologies.
Understanding of new and modern Attack Surface Management tools and practices, third-party vendors in this space, and advancements in AI/ML and LLM technologies.
Strong familiarity with frameworks such as MITRE ATT&CK, Cyber Kill Chain, IoC ingestion, network penetration testing techniques, red teaming, and reverse engineering.
Experience with compliance standards such as PCI, GLBA, HIPAA, ISO, and NIST, ensuring adherence to regulatory requirements in the financial industry.
Experience in Application Security and DevSecOps practices, including familiarity with dependency scanning, CI/CD pipeline tools, and source code analysis tools.
Proven track record of collaborating across Information Security, GRC, and Engineering disciplines to improve vulnerability management architecture and integrate with existing processes and tooling.
Excellent leadership skills including coaching, team building, performance management, issue resolution, and negotiation.
Outstanding written and verbal communication skills, with the ability to influence and communicate effectively at all levels of the organization.
#ASM, #Cyber, #Leadership, #AttackSurfaceManagement, #LI-KB1M&T Bank is committed to fair, competitive, and market-informed pay for our employees.
The pay range for this position is $136,787.
30 - $227,978.
83 Annual (USD).
The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.
Location:
Buffalo, New York, United States of AmericaSummaryLocation:
Buffalo, NYType:
Full time.
Estimated Salary: $20 to $28 per hour based on qualifications.
This position will follow a hybrid work environment with 3 days onsite and 2 days work from home.
About Us:
M&T Bank is the 10th largest US national bank with a strong commitment to technological advancement and ensuring the utmost security for our customers' financial assets.
As part of our ongoing technology transformation, we are modernizing our entire vulnerability management program to fortify our defenses against emerging cyber threats.
We are seeking a dynamic and visionary leader to spearhead our Attack Surface Management strategy and drive impactful outcomes across the bank.
Role Overview:
As the Senior Vice President of Attack Surface Management at M&T Bank, you will play a pivotal role in leading the operations, growth, and enhancement of our threat intelligence, vulnerability management and application security domains.
Reporting directly to the Chief Information Security Officer or Director, Cloud Security and Architecture, you will provide strategic technical leadership, fostering a culture of operational excellence among the teams you lead.
This role is integral to our technology transformation journey, ensuring the security posture of our bank-wide infrastructure and applications.
Key
Responsibilities:
Develop a comprehensive vision, strategy, and roadmap for Attack Surface Management at M&T Bank building a comprehensive program tailored to the banking environment.
Lead and mentor a team of engineers, analysts, and technical program managers, nurturing their growth and empowering them to excel in their respective domains.
Serve as the subject matter expert on the broader threat landscape within the banking industry, collaborating with internal and external partners to identify emerging trends and potential risks.
Champion the importance of Attack Surface Management throughout the organization, providing actionable insights and recommendations to drive continuous improvement in our security posture.
Ensure the continuous operation of core capabilities including threat identification and monitoring, vulnerability lifecycle management, critical vulnerability triage, risk reporting, and consultation on mitigation techniques relevant to M&T Bank.
Deliver insightful security threat metrics and trend reporting to inform decision-making at all levels of the organization.
Attract, develop, and retain top technical talent, fostering a culture of innovation and excellence within the Attack Surface Management team.
Communicate effectively with all levels of organizational leadership, conveying complex technical concepts in a clear and concise manner.
Minimum Required QualificationBachelor's degree and a minimum of 9 years' cybersecurity domain experience, or in lieu of a degree, a combined minimum of 13 years' higher education and/or work experience, including a minimum of 9 years' cybersecurity experience.
Minimum of 9 years of experience in the cybersecurity domain, with a deep understanding of attacker tactics, techniques, and procedures specific to the financial sector.
At least 5 years of technical supervisory or management experience, demonstrating the ability to lead and inspire cross-functional teams including management experience within Cybersecurity.
Proficiency in understanding a comprehensive array of security tools including intrusion detection systems, firewalls, SIEM, EDR, web proxies, and network scanning technologies.
Understanding of new and modern Attack Surface Management tools and practices, third-party vendors in this space, and advancements in AI/ML and LLM technologies.
Strong familiarity with frameworks such as MITRE ATT&CK, Cyber Kill Chain, IoC ingestion, network penetration testing techniques, red teaming, and reverse engineering.
Experience with compliance standards such as PCI, GLBA, HIPAA, ISO, and NIST, ensuring adherence to regulatory requirements in the financial industry.
Experience in Application Security and DevSecOps practices, including familiarity with dependency scanning, CI/CD pipeline tools, and source code analysis tools.
Proven track record of collaborating across Information Security, GRC, and Engineering disciplines to improve vulnerability management architecture and integrate with existing processes and tooling.
Excellent leadership skills including coaching, team building, performance management, issue resolution, and negotiation.
Outstanding written and verbal communication skills, with the ability to influence and communicate effectively at all levels of the organization.
#ASM, #Cyber, #Leadership, #AttackSurfaceManagement, #LI-KB1M&T Bank is committed to fair, competitive, and market-informed pay for our employees.
The pay range for this position is $136,787.
30 - $227,978.
83 Annual (USD).
The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.
Location:
Buffalo, New York, United States of AmericaSummaryLocation:
Buffalo, NYType:
Full time.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
