Infrastructure Security Scanning Manager
Remote, USA
M&T Bank
With a community bank approach, M&T Bank helps people reach their personal and business goals with banking, mortgage, loan and investment services.Role Overview:
As the Manager of Infrastructure Security Management at M&T Bank, you will lead the implementation and management of enterprise security controls across M&T’s on-premise environment and cloud environment, providing strategic technical leadership, and fostering a culture of operational excellence among the teams you lead. This role is integral to our technology transformation journey, ensuring the security posture of our bank-wide infrastructure and applications.
Key Responsibilities:
Lead the Cybersecurity Infrastructure Security team to develop a comprehensive strategy and roadmap to improve infrastructure security and securely enable M&T’s cloud journey
Responsible for leading a multi-disciplinary team focused on designing risk based vulnerability assessments, including but are not limited to, vulnerability testing, configuration management, and database monitoring.
Collaborate with cross-functional teams to integrate security measures into the infrastructure development, deployment, and monitoring
Provide guidance and support to infrastructure partners on security best practices and ensuring adherence to M&T’s security posture
Stay up to date on emerging threats and vulnerabilities, and proactively recommend security enhancements.
Lead and mentor a team of infrastructure security professionals to ensure a strong security posture across all infrastructure including on-premise and cloud infrastructure components
Own and manage Infrastructure Testing metric and remediation-related dashboards and reports.
Own and manage infrastructure security scanning tools and vendor relationships.
Develop analytics to evaluate and enhance the effectiveness of the vulnerability management program including, tools, technologies, policies.
Communicate effectively with all levels of organizational leadership, conveying complex technical concepts in a clear and concise manner.
Minimum Required Qualifications:
Bachelor’s degree and a minimum of 10 years’ of technology and cybersecurity domain experience, or in lieu of a degree, a combined minimum of 13 years’ higher education and/or work experience, including a minimum of 10 years’ of technology and cybersecurity domain experience.
A minimum of 3+ years of technical supervisory or management experience, demonstrating the ability to lead and inspire cross-functional teams including management experience within vulnerability management
Relevant work and leadership experience in two or more of the following Cybersecurity domains: Security and Risk Management, Asset Security, Security Engineering, Communication and Network Security, Identity and Access Management, Security Testing and Security Operations
Proven experience managing multiple stakeholder relationships, including determining needs, requirements, and resources, and managing stakeholder expectations while committing to delivering quality results
Proven experience communicating complex information, concepts, or ideas in a confident, accurate, and well-organized manner through verbal, written, and/or visual media
Proven experience adjusting and operating in a diverse, challenging, and unpredictable fast-paced work environment
Proven experience coordinating, collaborating, and disseminating information to multiple subordinate, peer, and leadership teams, departments, and organizations
Prior experience advising and providing assistance to operations and intelligence decision makers in response to dynamic situations
Preferred Qualifications:
Proven experience in infrastructure security, including vulnerability and configuration management in both on-premise and cloud environments
Strong understanding of infrastructure and cloud-based infrastructure technologies, and protocols.
Familiarity with industry standards and frameworks such as CVSS, EPSS, ISO 27001, and NIST.
Experience with security testing tools and techniques.
Excellent communication and leadership skills.
Hands-on experience with infrastructure security tools and technologies.
Familiarity with cloud security principles and practices.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics Cloud CVSS IAM ISO 27001 Monitoring Network security NIST Risk management Strategy Vulnerabilities Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open SOC-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open EDR-related jobs
- Open Java-related jobs
- Open Kubernetes-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs