"Alerted.org

_This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Wilmington, DE Tech Hub_

Why Join M&T Bank?

At M&T Bank, cybersecurity isn’t just a function—it’s a mission-critical pillar of trust and resilience. As a Lead Cyber Incident Response Analyst, you’ll be at the forefront of defending a top 20 U.S. bank’s digital infrastructure, working with a team that values precision, collaboration, and innovation.

What You’ll Do:

+ Lead the response to complex cyber incidents, coordinating across threat intelligence, detection, and engineering teams - establishing relationships with business and technology leaders throughout the enterprise.

+ Develop and refine incident response playbooks and automation strategies.

+ Mentor junior analysts and contribute to the continuous improvement of detection and response capabilities.

+ Collaborate with cross-functional teams to ensure alignment with enterprise risk and compliance frameworks.

+ Consult on various aspects and impacts of technical threats to risk and business partners.

What You’ll Gain:

+ **Career Growth:** M&T is deeply committed to internal mobility and professional development, offering access to leadership training, certifications, and mentorship programs.

+ **Impactful Work:** Your contributions will directly influence the bank’s ability to protect millions of customers and maintain regulatory excellence.

Primary Responsibilities:

+ Determine root cause, scope of impact, and identify novel indicators of compromise or attack patterns of cybersecurity incidents through in-depth analysis and forensic investigation of incidents.

+ Contribute to refining and updating incident response plans based on lessons learned from previous incidents and industry best practices, ensuring they align with regulatory requirements.

+ Identify and recommend proactive measures to prevent future incidents, such as implementing security controls, making recommendations to technical security training, and assessing risk based on technical controls and potential impact.

+ Suggest avenues to advance investigation steps during an incident, contributing to effective and swift resolution of incident.

+ Partner with appropriate stakeholders to implement effective measures to contain and neutralize threats during incidents.

+ Lead interdepartmental teams to apply lessons learned to proactively implement measures that prevent future incidents.

+ Maintain detailed incident logs, including analysis and response activities, to support post-incident reviews, compliance requirements, and continuous improvement efforts and provide a reference for the future.

+ Provide clear and concise updates to stakeholders and management teams, including executive summaries, impact assessments, and recommendations for ongoing improvements to the incident response process.

+ Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.

+ Promote an environment that supports belonging and reflects the M&T Bank brand.

+ Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

+ Complete other related duties as assigned.

Scope of Responsibilities:

+ The position exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results and exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction

+ Primarily partners with individual contributors and people leaders from all business lines, up to directors and EVPs in business lines

+ Subject matter expert on multiple Cybersecurity platforms, applications, and tools within team

+ Leads documentation and execution of intermediate remediation plans that typically last between 1-2 months.

+ Leads large scale investigations and engagements across all business lines of the Bank.

Supervisory/Managerial** **Responsibilities:

No supervisory responsibilities.

Education and Experience Required:

+ Bachelor's degree and a minimum of 5 years’ relevant work experience, inclusive of 2 years' Cybersecurity incidence response work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience, including a minimum of 5 years' relevant work experience, inclusive of a minimum of 2 years' Cybersecurity incident response work experience

+ Advanced understanding of multiple Cybersecurity platforms, applications, and tools within team

+ Prior experience remaining composed and solving problems in high stress situations

Education and Experience Preferred:

+ Excellent verbal and written communication skills

+ Excellent interpersonal skills

+ Experience partnering with leaders to design solutions to business needs

+ Ability to influence incident response efforts inside and outside of Technology by leveraging project management principles, setting clear expectations, and escalating when appropriate

+ Ability to gain buy-in, related to incident response, of teams across the Bank through communicating priorities and risk

+ Prior experience prioritizing and delivering results across changing priorities and quickly changing landscape based on business and technology needs

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $121,698.75 - $202,831.26 (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Wilmington, Delaware, United States of America

M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer, including disabilities and veterans.