- 
        Container Security Specialist
- M&T Bank (Wilmington, DE)
- 
             _This role offers a hybrid work schedule at our Wilmington Tech Hub_ Overview: Container Security Specialist is responsible for tasks that ensure the secure operation of containerized applications. They must be able to design and implement and maintain security controls, assist with the development of policies and procedures, and assist our applications team with automating security tasks within the CI/CD pipeline. Monitoring container environments for threats, responding to security incidents, and staying updated on the latest security practices are also essential aspects of their role. Experience with Aqua or RedHat ACS is preferred but not mandatory. Primary Responsibilities: + Design, implement, and maintain security controls for containerized environments (e.g., Docker, Kubernetes) + Conduct security assessments and penetration testing of container images and deployments + Develop and maintain security policies and procedures for container usage + Assist with automating security tasks and integrate security into the CI/CD pipeline + Monitor container environments for security threats and vulnerabilities + Respond to security incidents and perform root cause analysis + Stay up-to-date on the latest container security threats and best practices + Collaborate with development, operations, and security teams to ensure a secure container environment + Formulate and recommend advanced best practices to technology teams on how to improve or implement new security practices, tools, and techniques based on industry standards and latest vulnerabilities to protect the bank from vulnerabilities. + Produce and interpret advanced reporting with recommendations for cybersecurity and technology leadership, including but not limited to audit reports identifying technical and procedural findings, common vulnerability score, and datasets for regulatory reporting. + Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management. + Promote an environment that supports belonging and reflects the M&T Bank brand. + Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable. + Complete other related duties as assigned. Scope of Responsibilities: + Partners with peers, manager, cybersecurity organization, technology teams, people leaders, and line of business teams + Determines and develops approach to solutions. Work is accomplished with periodic check-ins for alignment and limited direction. Work is evaluated upon completion to ensure objectives have been met. + Advanced knowledge of all vulnerability scanning and assessment tools + Advanced understanding of multiple vulnerability scanning and assessment tools + Subject matter expert understanding of industry best practices related to vulnerability and patch management. + Trains analyst to advanced level knowledge of vulnerability scanning and assessment tools, and industry best practices. + Second highest individual contributor escalation point in team Manager Responsibilities: No supervisory responsibilities. Education and Experience Required: + Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience + Excellent written and verbal communication skills + Strong ability to effectively communicate technical information to both non-technical and technical stakeholders, including up to senior leadership in Cybersecurity. + Experience effectively collaborating with leadership and with peers across the organization. + Prior experience with and demonstrable aptitude for quickly learning new technical skills. Education and Experience Preferred: + Advanced certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Global Information Assurance Certification (GIAC), OffSec Certified Professional (OSCP), or Cybersecurity domain-related industry-recognized certification (DoD Level II) + Demonstrated experience working in a highly regulated industry (e.g., finance, healthcare, government) + Experience evaluating, analyzing, and synthesizing large quantities of data (which may be fragmented and contradictory) and accurately determining the potential range and scope of threats and contributing towards intelligence reporting. + Proficient level of thinking critically and solving problems + Intermediate understanding of advanced vulnerability concepts and practices, such as vulnerability management solutions, asset identification and management, and mitigation management + Experience training analysts to ensure they have intermediate knowledge of and how to use security monitoring systems. \#LI-JB3 #Hybrid M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $102,939.06 - $171,565.10 (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation. Location Wilmington, Delaware, United States of America M&T Bank Corporation is an Equal Opportunity/Affirmative Action Employer, including disabilities and veterans. 
 
 
- 
        
Recent Jobs
- 
                
                    Container Security Specialist
                
                - M&T Bank (Wilmington, DE)
- 
                
                    Principal Software Engineer
                
                - Microsoft Corporation (Redmond, WA)
- 
                
                    VP, Client Engineering and Solutions Architecture US
                
                - Warner Bros. Discovery (New York, NY)
- 
                
                    Software Engineering Manager 1
                
                - Northrop Grumman (Annapolis Junction, MD)