Lead Incident Response Analyst

This role offers a hybrid work schedule at our Wilmington, DE Tech Hub

Why Join M&T Bank?

At M&T Bank, cybersecurity isn't just a function-it's a mission-critical pillar of trust and resilience. As a Lead Cyber Incident Response Analyst, you'll be at the forefront of defending a top 20 U.S. bank's digital infrastructure, working with a team that values precision, collaboration, and innovation.

What You'll Do :

Lead the response to complex cyber incidents, coordinating across threat intelligence, detection, and engineering teams - establishing relationships with business and technology leaders throughout the enterprise.

Develop and refine incident response playbooks and automation strategies.

Mentor junior analysts and contribute to the continuous improvement of detection and response capabilities.

Collaborate with cross-functional teams to ensure alignment with enterprise risk and compliance frameworks.

Consult on various aspects and impacts of technical threats to risk and business partners.

What You'll Gain :

Career Growth : M&T is deeply committed to internal mobility and professional development, offering access to leadership training, certifications, and mentorship programs.

Impactful Work : Your contributions will directly influence the bank's ability to protect millions of customers and maintain regulatory excellence.

Primary Responsibilities :

Determine root cause, scope of impact, and identify novel indicators of compromise or attack patterns of cybersecurity incidents through in-depth analysis and forensic investigation of incidents.

Contribute to refining and updating incident response plans based on lessons learned from previous incidents and industry best practices, ensuring they align with regulatory requirements.

Identify and recommend proactive measures to prevent future incidents, such as implementing security controls, making recommendations to technical security training, and assessing risk based on technical controls and potential impact.

Suggest avenues to advance investigation steps during an incident, contributing to effective and swift resolution of incident.

Partner with appropriate stakeholders to implement effective measures to contain and neutralize threats during incidents.

Lead interdepartmental teams to apply lessons learned to proactively implement measures that prevent future incidents.

Maintain detailed incident logs, including analysis and response activities, to support post-incident reviews, compliance requirements, and continuous improvement efforts and provide a reference for the future.

Provide clear and concise updates to stakeholders and management teams, including executive summaries, impact assessments, and recommendations for ongoing improvements to the incident response process.

Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite. Identify risk-related issues needing escalation to management.

Promote an environment that supports belonging and reflects the M&T Bank brand.

Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.

Complete other related duties as assigned.

Scope of Responsibilities :

The position exercises judgement in selecting methods, techniques, and evaluation criteria in obtaining results and exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction

Primarily partners with individual contributors and people leaders from all business lines, up to directors and EVPs in business lines

Subject matter expert on multiple Cybersecurity platforms, applications, and tools within team

Leads documentation and execution of intermediate remediation plans that typically last between 1-2 months.

Leads large scale investigations and engagements across all business lines of the Bank.

Supervisory / Managerial Responsibilities :

No supervisory responsibilities.

Education and Experience Required :

Bachelor's degree and a minimum of 5 years' relevant work experience, inclusive of 2 years' Cybersecurity incidence response work experience, or in lieu of a degree, a combined minimum of 9 years' higher education and / or work experience, including a minimum of 5 years' relevant work experience, inclusive of a minimum of 2 years' Cybersecurity incident response work experience

Advanced understanding of multiple Cybersecurity platforms, applications, and tools within team

Prior experience remaining composed and solving problems in high stress situations

Education and Experience Preferred :

Excellent verbal and written communication skills

Excellent interpersonal skills

Experience partnering with leaders to design solutions to business needs

Ability to influence incident response efforts inside and outside of Technology by leveraging project management principles, setting clear expectations, and escalating when appropriate

Ability to gain buy-in, related to incident response, of teams across the Bank through communicating priorities and risk

Prior experience prioritizing and delivering results across changing priorities and quickly changing landscape based on business and technology needs

#LI-JB3 #Hybrid

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $121,698.75 - $202,831.26 (USD). The successful candidate's particular combination of knowledge, skills, and experience will inform their specific compensation.

Location

Wilmington, Delaware, United States of America

M&T Bank Corporation is an Equal Opportunity / Affirmative Action Employer, including disabilities and veterans.