M&T Bank

Lead Product Security Engineer

United States

Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Financial ServicesIndustries

Position Overview

  • Location Type: Not Specified
  • Employment Type: Full Time
  • Salary: Not Specified

As the Lead Product Security Engineer at M&T Bank, you will support and participate in the building and implementation of software security controls in all stages of the product development life cycle. This role will offer you the opportunity to be involved with a wide range of responsibilities in transforming the software security culture and technologies. We are looking for a highly motivated, talented, and hands-on engineer who will be responsible for identifying and mitigating software vulnerabilities through code reviews, security assessments, threat modeling, and providing secure coding guidance to software engineers. This role is integral to our technology transformation journey, ensuring the security posture of our bank-wide infrastructure and products.

Requirements

  • Education: Bachelor’s degree in Computer Science, Information Systems, Cybersecurity or applicable discipline.
  • Experience: Minimum of 5 years of relevant work experience.
  • Technical Skills:
    • Demonstrable experience developing and maintaining automation for product security tasks and defect identification.
    • Advanced knowledge with industry standards and frameworks such as OWASP, ISO 27001, GDPR, PCI DSS, and NIST.
    • Advanced experience with security testing tools and techniques and fixing vulnerabilities.
    • Strong background in cybersecurity, manual code review, static/dynamic code analysis, threat modeling, bug bounty research and vulnerability management.
    • Experience with at least 2-3 of the following programming languages: Java, C#, JavaScript, Python, PHP, Ruby, Scala.
    • Hands-on experience with product security tools and exploit tools and methods.
    • Hands-on experience with product security testing tools such as SAST, DAST, IAST, SCA.

Responsibilities

  • Collaborate with cross-functional teams to integrate security measures into the software development process, including conducting code reviews, secure code guidance, and threat modeling.
  • Stay up to date on emerging threats and vulnerabilities, and proactively recommend security enhancements.
  • Partner with engineering teams and provide guidance and support to developers on secure coding practices and security best practices.
  • Mentor product security engineers and DevSecOps professionals to ensure a strong security posture across all software development and deployments.
  • Assist in the development of software security processes, configuration of tools, and management of solutions to tactically address software security vulnerabilities.
  • Build and support high quality security documentation for product security best practices.
  • Utilize product security scanning tools to track, analyze, and manage vulnerabilities.
  • Develop analytics to evaluate and enhance the effectiveness of the vulnerability management program, including tools, technologies, and policies.
  • Communicate effectively with all levels of organizational leadership, conveying complex technical concepts in a clear and concise manner.

Application Instructions

  • Not Specified

Company Information

  • Company: M&T Bank

Skills

Security automation
OWASP
ISO 27001
GDPR
PCI DSS
NIST
Security testing tools
Vulnerability fixing
Code review
Static code analysis
Dynamic code analysis
Threat modeling
Bug bounty research
Vulnerability management
Java
C#
JavaScript
Python
PHP
Ruby
Scala
SAST
DAST
IAST
SCA

M&T Bank

Full-service banking for individuals and businesses

About M&T Bank

M&T Bank provides a variety of banking services to individuals, small businesses, and larger companies. Their offerings include mortgage assistance, personal and business checking accounts, and mobile banking options. The bank primarily operates in the Northeastern and Mid-Atlantic regions of the United States, emphasizing community engagement and a focus on customer service. M&T Bank's business model is based on traditional banking practices, such as loans, deposits, and investment products, and it generates revenue through interest income and service fees. A key aspect that sets M&T Bank apart from its competitors is its commitment to community involvement, which includes allowing employees to volunteer and supporting local organizations. The recent merger with United Bank, N.A. has further expanded their services and market presence.

Buffalo, New YorkHeadquarters
1993Year Founded
IPOCompany Stage
Financial ServicesIndustries
10,001+Employees

Risks

Competition from fintechs could erode M&T Bank's market share among tech-savvy customers.
Integration challenges from the United Bank merger may disrupt operations.
Decreased prime rate could reduce interest income, impacting profitability.

Differentiation

M&T Bank emphasizes community engagement through its charitable foundation and volunteer programs.
The bank offers a wide range of traditional and digital banking services.
Recent merger with United Bank, N.A. expands M&T's market reach and service offerings.

Upsides

M&T Bank's $1.5 billion senior notes offering strengthens its financial position.
Decreased prime rate may attract more borrowers, increasing loan volume.
Shannon Lazare's appointment as New Jersey Regional President enhances local community engagement.

Land your dream remote job 3x faster with AI