Lead Cyber Threat Detection Engineer

About The Position

Requirements

• Bachelor's degree and a minimum of 5 years' relevant work experience, or in lieu of a degree, a combined minimum of 9 years' higher education and/or work experience.

Nice To Haves

• In-depth experience in developing, testing, and refining advanced detection use cases, correlation rules, and automated workflows based on security data.
• Proficiency in designing and managing security data models to structure and optimize log data for efficient querying, reporting, and analysis.
• Experience in leveraging advanced analytics capabilities such as statistical analysis, machine learning models, risk based analytics and anomaly detection.
• Proficient level of critical thinking and problem solving ability.
• Excellent communication and interpersonal skills.
• Experience partnering with leaders to design solutions to business needs.
• Proficient persuasive communication skills to gain buy-in of others.
• Strong ability to analyze and draw reliable conclusions based on large volumes of quantitative data from diverse sources.
• Ability to effectively serve in an indirect leadership role.

Responsibilities

• Design and implement advanced detection architectures across the organization's security landscape, utilizing SIEM, EDR, NDR, and cloud security platforms.
• Lead the development and refinement of complex, high-fidelity detection use cases, custom correlation rules, and detection models tailored to the organization's unique risk profile and threat landscape.
• Architect and implement advanced methods for the integration and fusion of internal, external, and commercial threat intelligence sources.
• Continuously enhance and optimize detection techniques, reducing alert fatigue and improving detection accuracy by applying advanced techniques like statistical analysis, machine learning, and automation.
• Develop and implement automation and orchestration for complex systems to streamline security operations and response activities.
• Lead collaboration efforts with Cybersecurity and Technology teams to effectively implement and maintain security solutions for the organization.
• Lead improvement initiatives within Cybersecurity team, implementing best practices and optimizing processes to enhance security capabilities.
• Actively partner with vendor to optimize security products and/or drive resolution of complex support issues.
• Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite.
• Promote an environment that supports diversity and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Benefits

• 401k
• health insurance
• dental insurance
• vision insurance
• paid holidays
• tuition reimbursement
• flexible scheduling