Cybersecurity DLP Engineer
Buffalo, NY
Full Time Senior-level / Expert USD 93K - 155K
M&T Bank
With a community bank approach, M&T Bank helps people reach their personal and business goals with banking, mortgage, loan and investment services.Overview:
An ideal Data Loss Prevention Engineer will design detailed data protection solutions and present as a Subject Matter Expert (SME) on various industry Data Loss Prevention tool sets. The candidate will provide highly technical and detailed data analysis in efforts to drive continuous data protection improvement and provide detailed technical documentation on system architecture (including Visio), policy configurations and process workflows.
Primary Responsibilities:
- Data Loss Prevention Engineer will primarily be responsible for daily monitoring and maintenance of M&T Bank Data Loss Prevention tool sets. This includes being SME on DLP solutions, monitoring systems performance, analyzing, and making recommendation to improve detection capabilities based regulatory requirements, business processes and user behaviors.
- Support development, implementation, and execution of various operational risk and compliance related initiatives, systems, and processes.
- Provide centralized governance, compliance, and risk management expertise to M&T Bank Corporation business lines, support functions and managers concerning information security and privacy regulatory compliance and/or risk management and Information Technology and Bank Operations on all applicable information security and privacy regulations concerning financial institutions.
- With collaboration from senior team members, provide guidance, testing plans, and/or survey documents to be used by all business units to ensure conformance to established compliance, regulatory, best practice, and risk management programs.
- Identify potential conformance issues, review with supervisor or senior professionals, and provide to functional areas requiring improvements.
- Responsible for extensive contact with operations, technology, and business unit personnel in a training and auditing capacity.
- Support functions, systems, and processes critical to the corporation's ability to meet regulatory, legal, and risk mitigation requirements and to reduce the risk of fine/penalties resulting from non-compliance that would impact profitability.
- Interact with various internal and external audit/regulatory examination personnel.
- Operate under supervision of the Team Leader and provides guidance and mentoring to junior team members.
- Responsible for regular interaction with middle management, supervisors, and associated staff, Internal Audit, Compliance, Risk Management, the Corporate Information Security Officer (CISO), Chief Counsel's Office (CCO), and/or other technology personnel, clients, and vendors.
- Interact, coordinate, and oversee initiatives with internal and outside teams and external professional organizations supporting areas of expertise.
- Assist with documenting and communicating proposed new approaches, methods, technologies, or breakthroughs in area of expertise and coordinates efforts with junior team members to ensure accuracy and timeliness.
- Represent information security as a technical representative and Subject Matter Expert (SME) for governance, compliance, and risk management function on committees, ad-hoc projects, etc. as assigned.
- Work independently on all high-level systems analysis and technical phases of development.
- Oversee and coordinate activities of other Cybersecurity Network Defense team members on projects ranging in scope from small to large, may lead project activities.
- Understand and adhere to the Company’s risk and regulatory standards, policies and controls in accordance with the Company’s Risk Appetite. Identify risk-related issues needing escalation to management.
- Promote an environment that supports diversity and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
- Complete other related duties as assigned.
Education and Experience Required:
Associate degree and a minimum of 3 years’ relevant work experience,
OR in lieu of a degree,
A combined minimum of 5 years’ higher education and or work experience, including a minimum of relevant work experience in two (2) or more of the following Cybersecurity domains: a. Security and Risk Management; b. Asset Security; c. Security Engineering; d. Communication and Network Security; e. Identity and Access Management; f. Security Testing; and, g. Security Operations
Strong background of architecting, engineering, and automating security solutions for a global environment with focus on Data Loss Prevention solutions.
Knowledge of O365 Purview and MIP labeling technology.
Knowledge of Windows/Linux OS
Experience of Regex creation and testing
Knowledge of SIEM integrations
Understanding of Wireshark/network capture logs
General knowledge of infrastructure (LDAP, Group Policy, Kerberos, Active Directory, etc.) and networking (routing, firewalls, OSI Model, packet trace and analysis, etc.)
Prior experience in performing complex problem and data analysis and problem resolution across multiple disciplines
Prior experience with and demonstrable aptitude for quickly learning new technical skills and supporting multiple systems, tools, and processes
Detailed technical knowledge of Cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
Education and Experience Preferred:
Bachelor’s degree and a minimum of 2 years’ in Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations, or in lieu of a degree, a combined minimum of 6 years’ higher education and/or work experience, including a minimum of 2 years’ in Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations
Experience in a cyber security operational environment
Knowledge and experience using an incident response framework
Programming or scripting experience including API integrations
Knowledge of User and Entity Behavior Analytics solutions and training
Presentation skills
Data analysis including Excel/PowerBI
Detailed technical experience with virtual, and/or distributed computing environments
CISSP, CISM, or CRISC certification or Cybersecurity domain-related industry-recognized certification
Ability to act as a surrogate team leader to assign, review, evaluate and prioritize team efforts
M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $93,581.10 - $155,968.51 Annual (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation.Location:Buffalo, New York, United States of AmericaTags: Active Directory Analytics APIs Audits C CISM CISO CISSP Compliance CRISC Firewalls Governance IAM Incident response Kerberos LDAP Linux Monitoring Network security Privacy Risk management Scripting SIEM Windows
Perks/benefits: Career development Competitive pay
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Information Security Officer jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Security Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open SaaS-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open PowerShell-related jobs