Container Security Specialist

M&T Bank-posted 13 days ago
Full-time • Mid Level
Hybrid • Buffalo, NY
5,001-10,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

Container Security Specialist is responsible for tasks that ensure the secure operation of containerized applications. They must be able to design and implement and maintain security controls, assist with the development of policies and procedures, and assist our applications team with automating security tasks within the CI/CD pipeline. Monitoring container environments for threats, responding to security incidents, and staying updated on the latest security practices are also essential aspects of their role. Experience with Aqua or RedHat ACS is preferred but not mandatory.

  • Design, implement, and maintain security controls for containerized environments (e.g., Docker, Kubernetes)
  • Conduct security assessments and penetration testing of container images and deployments
  • Develop and maintain security policies and procedures for container usage
  • Assist with automating security tasks and integrate security into the CI/CD pipeline
  • Monitor container environments for security threats and vulnerabilities
  • Respond to security incidents and perform root cause analysis
  • Stay up-to-date on the latest container security threats and best practices
  • Collaborate with development, operations, and security teams to ensure a secure container environment
  • Formulate and recommend advanced best practices to technology teams on how to improve or implement new security practices, tools, and techniques based on industry standards and latest vulnerabilities to protect the bank from vulnerabilities.
  • Produce and interpret advanced reporting with recommendations for cybersecurity and technology leadership, including but not limited to audit reports identifying technical and procedural findings, common vulnerability score, and datasets for regulatory reporting.
  • Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite.
  • Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis.
  • Identify risk-related issues needing escalation to management.
  • Promote an environment that supports belonging and reflects the M&T Bank brand.
  • Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
  • Complete other related duties as assigned.
  • Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience
  • Excellent written and verbal communication skills
  • Strong ability to effectively communicate technical information to both non-technical and technical stakeholders, including up to senior leadership in Cybersecurity.
  • Experience effectively collaborating with leadership and with peers across the organization.
  • Prior experience with and demonstrable aptitude for quickly learning new technical skills.
  • Advanced knowledge of all vulnerability scanning and assessment tools
  • Advanced understanding of multiple vulnerability scanning and assessment tools
  • Subject matter expert understanding of industry best practices related to vulnerability and patch management.
  • Trains analyst to advanced level knowledge of vulnerability scanning and assessment tools, and industry best practices.
  • Advanced certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), OffSec Certified Professional (OSCP), or Cybersecurity domain-related industry-recognized certification (DoD Level II)
  • Demonstrated experience working in a highly regulated industry (e.g., finance, healthcare, government)
  • Experience evaluating, analyzing, and synthesizing large quantities of data (which may be fragmented and contradictory) and accurately determining the potential range and scope of threats and contributing towards intelligence reporting.
  • Proficient level of thinking critically and solving problems
  • Intermediate understanding of advanced vulnerability concepts and practices, such as vulnerability management solutions, asset identification and management, and mitigation management
  • Experience training analysts to ensure they have intermediate knowledge of and how to use security monitoring systems.
  • Experience with Aqua or RedHat ACS is preferred but not mandatory
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service