Cyber Threat Research Intelligence Analyst

This role is four days onsite at our Seneca One Buffalo, NY location, with the flexibility to work from home one day per week Overview: Responsible for gathering, analyzing, and interpreting intelligence data to identify potential threats to M&T Bank's security. Uses this information to proactively to inform how Cybersecurity should strengthen defenses, mitigate threats, and enhance security posture. Manages the end-to-end indicator of compromise (IOC) lifecycle (intake, normalization, enrichment, scoring, dissemination, and retirement) to ensure high-fidelity intelligence reaches security controls quickly and safely. Primary Responsibilities: Independently collect and analyze intelligence data from various sources identify relevant information, and report findings to senior analysts and leaders for further review. Define and maintain indicator quality standards (source reliability, scoring, false-positive handling, freshness/decay) and ensure governance is applied consistently Monitor the IOC lifecycle: intake, normalization, de-duplication, enrichment, confidence scoring, deconfliction, expiration/TTL, and feedback loops. Operationalize IOCs by partnering with Cybersecurity Operations Center/Hunt/Detection Engineering teams to convert intelligence into detections, blocklists, and response actions. Document clear and concise threat intelligence findings into standardized format to incorporate into threat intelligence briefings for broader Cybersecurity team or leadership. Contribute insights from internal analysis for intelligence sharing initiatives with other organizations, information sharing groups, and industry groups. Analyze historical data and patterns to anticipate future threats and recommend proactive techniques to strengthen defenses. Attribute observed activities to a specific threat actor or group based on known tactics, techniques, and procedures. Monitor current events and emerging technologies to recognize potential correlations with evolving threat landscape, and communicate to cybersecurity teams to adjust internal technologies, policies, and procedures. Engage with vendors for routine security products or solutions support. Identify opportunities for tuning and development of threat intelligence platform’s rules, alerts, and correlation logic and share with security engineering. Manage day-to-day operations of threat intelligence systems, ensuring they are calibrated and functioning as needed. Collaborate across Cybersecurity and Technology to ensure appropriate threat intelligence is received and shared. Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management. Complete other related duties as assigned Scope of Responsibilities: Partners with peers, manager, and Cybersecurity team. Leverages established directions, policies, and guidelines to accomplish work. Work is reviewed for accuracy and overall quality. Determines and develops approaches to solutions. Work is evaluated upon completion to ensure objectives have been met. Work is accomplished with periodic check-ins for alignment and limited direction. Working knowledge of Open-Source Intelligence (OSINT) and social monitoring tools, Threat Intelligence Platform (TIP), Darkweb and malware research tools and understands how intelligence is processed and distributed through an IOC pipeline into downstream security controls. Education and Experience Required: Bachelor's degree and a minimum of 3 years’ relevant work experience, or in lieu of a degree, a combined minimum of 7 years’ higher education and/or work experience Minimum of 1 years' experience utilizing tools, techniques, and methodologies analyzing and mitigating cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation Intermediate understanding of cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation Education and Experience Preferred: Understanding of different types of threat actors, and intermediate understanding of motivations and methodologies Industry recognized cybersecurity or technology certifications Technical understanding of networking and routing protocols, services, structures, architecture, and designs supporting modern communication networks Experience evaluating, analyzing, and synthesizing large quantities of data which may be fragmented and contradictory and accurately determining the potential range and scope of threats. Experience designing or operating IOC processing pipelines Experience integrating intelligence with Security Incident and Event Management (SIEM) and Endpoint Detection and Response (EDR) workflows and validating efficacy via telemetry (hits, false positives, decay). Experience establishing IOC governance and measurement. Understanding of financial crimes and how threat intelligence can assist in its mitigation. #LI-JB3 #Hybrid M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $97,100.00 - $161,800.00 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation. Location Buffalo, New York, United States of America Great companies have an enduring sense of purpose. At M&T, our purpose is a simple one: make a difference in people’s lives and uplift the communities we serve. M&T Bank Corporation is a financial holding company headquartered in Buffalo, New York. M&T’s affiliates offer advice, guidance, expertise and solutions across the entire financial spectrum, combining M&T Bank’s traditional banking services with the wealth management and institutional capabilities offered by Wilmington Trust. M&T Bank has a network of over 1,000 branches and 2,200 ATMs that span 12 states from Maine to Virginia and Washington, D.C. For more than 165 years, M&T has strived to take an active role in our communities and build long-lasting relationships with our customers. We are a bank for communities—combining the capabilities of a large bank with the care of a locally focused institution. As an employer of choice, we are proud to offer competitive benefits ranging from medical and retirement to forty hours of paid volunteer time, each year. Our core values – integrity, ownership, collaboration, curiosity, and candor – drive the work we do. We seek to further build upon our record of success by bringing in top talent and fresh skill sets while continuing to support the growth and development of all our team members. View M&T’s Human Capital Report to learn more. Ready to join our team? Submit your application today! If you are unable to apply through this site due to technical issues or need an accommodation to apply, please contact us at [email protected] for assistance. M&T Bank is unwavering when it comes to providing equal employment opportunities to all employees and applicants without regard to race, color, national origin, religion, ethnicity, sex, gender identity, age, disability, citizenship, pregnancy, veteran status, military status, marital status, sexual orientation, genetic information or any other characteristic protected under applicable federal, state or local laws. M&T Bank Corporation has policies and procedures in place to promote a drug free workplace. Career Site Privacy Notice

Apply tot his job

Apply To this Job