M&T Bank

Lead Product Security Engineer

United States

M&T Bank Logo
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Financial ServicesIndustries

Requirements

Candidates should possess a Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related discipline and a minimum of 5 years of relevant work experience. They must demonstrate experience developing and maintaining automation for product security tasks and defect identification, along with advanced knowledge of industry standards and frameworks such as OWASP, ISO 27001, GDPR, PCI DSS, and NIST. Strong experience with security testing tools and techniques, including fixing vulnerabilities, is required, as well as a background in cybersecurity, manual code review, static/dynamic code analysis, threat modeling, and vulnerability management. Familiarity with at least 2-3 programming languages – Java, C#, JavaScript, Python, PHP, Ruby, or Scala – is also necessary.

Responsibilities

As the Lead Product Security Engineer, you will collaborate with cross-functional teams to integrate security measures into the software development process, conducting code reviews, providing secure code guidance, and performing threat modeling. You will stay up to date on emerging threats and vulnerabilities, proactively recommending security enhancements, and partner with engineering teams to provide guidance and support to developers on secure coding practices and security best practices. Additionally, you will mentor product security engineers and DevSecOps professionals, assist in the development of software security processes, configure security tools, manage solutions for addressing vulnerabilities, build and support security documentation, utilize product security scanning tools, and develop analytics to evaluate and enhance the effectiveness of the vulnerability management program. Finally, you will communicate effectively with organizational leadership, conveying complex technical concepts clearly and concisely.

Skills

Security automation
OWASP
ISO 27001
GDPR
PCI DSS
NIST
Security testing tools
Vulnerability fixing
Code review
Static code analysis
Dynamic code analysis
Threat modeling
Bug bounty research
Vulnerability management
Java
C#
JavaScript
Python
PHP
Ruby
Scala
SAST
DAST
IAST
SCA

M&T Bank

Full-service banking for individuals and businesses

About M&T Bank

M&T Bank provides a variety of banking services to individuals, small businesses, and larger companies. Their offerings include mortgage assistance, personal and business checking accounts, and mobile banking options. The bank primarily operates in the Northeastern and Mid-Atlantic regions of the United States, emphasizing community engagement and a focus on customer service. M&T Bank's business model is based on traditional banking practices, such as loans, deposits, and investment products, and it generates revenue through interest income and service fees. A key aspect that sets M&T Bank apart from its competitors is its commitment to community involvement, which includes allowing employees to volunteer and supporting local organizations. The recent merger with United Bank, N.A. has further expanded their services and market presence.

Key Metrics

Buffalo, New YorkHeadquarters
1993Year Founded
IPOCompany Stage
Financial ServicesIndustries
10,001+Employees

Risks

Competition from fintechs could erode M&T Bank's market share among tech-savvy customers.
Integration challenges from the United Bank merger may disrupt operations.
Decreased prime rate could reduce interest income, impacting profitability.

Differentiation

M&T Bank emphasizes community engagement through its charitable foundation and volunteer programs.
The bank offers a wide range of traditional and digital banking services.
Recent merger with United Bank, N.A. expands M&T's market reach and service offerings.

Upsides

M&T Bank's $1.5 billion senior notes offering strengthens its financial position.
Decreased prime rate may attract more borrowers, increasing loan volume.
Shannon Lazare's appointment as New Jersey Regional President enhances local community engagement.

Land your dream remote job 3x faster with AI