The Role
Collect, triage, and analyze threat intelligence from OSINT and vendor feeds; identify IOCs/IOAs, malware, exploited vulnerabilities and TTPs; communicate actionable findings to SOC, Incident Response, Vulnerability Management, and stakeholders; maintain standardized intelligence formats and improve TIP rules and alerts.
Summary Generated by Built In
Overview:
Responsible for supporting threat intelligence data collection, alert triage, investigation, and the documentation of analysis and findings to minimize and defend the organization against cybersecurity threats. This role has a strong emphasis on researching third-party cybersecurity incidents, identifying relevant vulnerabilities, malware, and technical indicators, and ensuring actionable intelligence is communicated to the appropriate cybersecurity teams.
Primary Responsibilities:- Apply knowledge of data collection tools and methodologies to independently gather foundational intelligence data and determine the relevance and importance of the intelligence to the Bank's cybersecurity posture.
- Research third-party security incidents, breaches, and emerging cyber threats to identify vulnerabilities, malware, threat actor activity, and other relevant intelligence that may impact the organization.
- Monitor threat intelligence feeds provided by vendors, government agencies, and industry groups to remain current on the latest threats, determine relevance to the Bank, and report findings to senior analysts and stakeholders for further review and action.
- Analyze and tag threat intelligence data to identify cyber-related information that could impact the Bank, including indicators of compromise (IOCs), indicators of attack (IOAs), malware activity, exploited vulnerabilities, and threat actor tactics, techniques, and procedures (TTPs).
- Demonstrate proficiency in identifying and interpreting technical indicators and determining which cybersecurity teams should be informed and engaged based on the nature of the indicators and associated risk.
- Organize and structure collected intelligence into standardized formats to facilitate effective analysis, sharing, and operational use across cybersecurity functions.
- Analyze historical threat data and patterns to anticipate future threats and contribute insight to proactive defense measures.
- Identify common tactics, techniques, and procedures used by threat actors through correlation of observed activities with known threat behaviors and frameworks.
- Conduct initial analysis of threats by compiling, sorting, and contextualizing data to support the broader intelligence lifecycle.
- Monitor current events, cybersecurity incidents, and technological advancements, and summarize relevant TTPs, vulnerabilities, and threat trends for cybersecurity teams to incorporate into internal controls, policies, and procedures.
- Collaborate with Cybersecurity Operations, Incident Response, Vulnerability Management, Fraud, and other stakeholders to ensure appropriate threat intelligence is received, prioritized, and shared.
- Report insights gleaned from threat intelligence monitoring and participate in intelligence-sharing initiatives with peer organizations, information-sharing groups, and industry partners.
- Collect and provide relevant data to troubleshoot vendor issues and identify root causes.
- Suggest opportunities for configuration, tuning, and integration of threat intelligence platform rules and alerts to improve threat intelligence capabilities and reduce false positives.
- Understand and adhere to the Company's risk and regulatory standards, policies, and controls in accordance with the Company's Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
- Promote an environment that supports belonging and reflects the M&T Bank brand.
- Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators, as applicable.
- Complete other related duties as assigned.
- Partners with peers, manager, and Cybersecurity team.
- Leverages established directions, policies, and guidelines to accomplish work. Work is reviewed for accuracy and overall quality.
- Basic understanding of Open-Source Intelligence (OSINT) and social monitoring tools, Threat Intelligence Platform (TIP)
- Bachelor's degree and a minimum of 2 years’ relevant work experience, or in lieu of a degree, a combined minimum of 6 years’ higher education and/or work experience
- Knowledge of tools, techniques, and methodologies analyzing and mitigating cyber-attack stages, including reconnaissance, scanning, enumeration, access escalation, privilege escalation, exploitation, and obfuscation.
- Basic understanding of cyber threat intelligence principles, indicators of compromise (IOCs), indicators of attack (IOAs), malware analysis concepts, and vulnerability management.Ability to evaluate threat information and communicate relevant technical indicators to appropriate cybersecurity stakeholders.
- Industry-recognized cybersecurity certification (Security+, CySA+, GCTI, GCIA, CISSP, or similar).
- Experience researching cyber incidents and third-party breaches to identify vulnerabilities, malware activity, indicators of compromise, and emerging threats.
- Knowledge of common networking and routing protocols, services, architectures, and designs supporting modern communication networks.
- Experience evaluating, analyzing, and synthesizing large quantities of data that may be fragmented, incomplete, or contradictory.
- Understanding of different types of threat actors and their motivations, objectives, and methodologies.
- Understanding of intelligence requirements for Cybersecurity Operations Centers (SOCs), Incident Response, Vulnerability Management, and Financial Crimes teams.
- Understanding of threat intelligence concepts, including malware and ransomware activity, phishing campaigns, insider threats, and exploitation of vulnerabilities.
- Strong critical thinking, analytical, and problem-solving skills.
- Ability to quickly learn new technologies and technical skills.
Skills Required
- Bachelor's degree and a minimum of 2 years' relevant work experience, or in lieu of a degree, a combined minimum of 6 years' higher education and/or work experience.
- Knowledge of tools, techniques, and methodologies for analyzing and mitigating cyber-attack stages (reconnaissance, scanning, enumeration, privilege escalation, exploitation, obfuscation).
- Basic understanding of cyber threat intelligence principles, indicators of compromise (IOCs), indicators of attack (IOAs), malware analysis concepts, and vulnerability management; ability to evaluate and communicate technical indicators to stakeholders.
- Basic understanding of Open-Source Intelligence (OSINT), social monitoring tools, and Threat Intelligence Platforms (TIP).
- Experience with data collection tools and methodologies to gather and contextualize intelligence data.
- Industry-recognized cybersecurity certification (Security+, CySA+, GCTI, GCIA, CISSP, or similar).
- Experience researching cyber incidents and third-party breaches to identify vulnerabilities, malware activity, and indicators of compromise.
- Knowledge of common networking and routing protocols, services, architectures, and modern communication network designs.
- Experience evaluating, analyzing, and synthesizing large, fragmented, or incomplete data sets.
- Understanding of threat actors, SOC intelligence requirements, malware/ransomware/phishing activity, and financial crimes-related threats; strong analytical and critical-thinking skills.
M&T Bank Compensation & Benefits Highlights
The following summarizes recurring compensation and benefits themes identified from responses generated by popular LLMs to common candidate questions about M&T Bank and has not been reviewed or approved by M&T Bank.
-
Retirement Support — Retirement benefits are positioned as a strong pillar, including a 401(k) match and the possibility of an additional employer contribution, plus access to an employee stock purchase plan.
-
Leave & Time Off Breadth — Time-off offerings are framed as competitive, with a flexible PTO approach and paid volunteer time called out as a meaningful add-on to standard leave.
-
Wellbeing & Lifestyle Benefits — Wellbeing support appears comparatively robust, highlighted by mental-health therapy/coaching sessions and broader wellness programming alongside community-oriented perks.
M&T Bank Insights
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
M&T Bank is a multi-state community-focused bank serving New York, Maryland, New Jersey, Pennsylvania, Delaware, Connecticut, Virginia, West Virginia and Washington, D.C. Founded in 1856, the company provides banking, investment, insurance and mortgage financial services to more than 3.6 million consumer, business and government clients.
.png)






