Cybersecurity Detection Automation Team Lead

This role offers a hybrid work schedule; offering the flexibility to work remotely two days a week, while providing the opportunity for in-person collaboration at our Wilmington, DE Tech Hub.

Overview:

Manages the activities of a cybersecurity automation team responsible for designing, implementing, and maintaining security orchestration and automation workflows to enhance threat detection and response. This role provides technical leadership, strategic direction, and day-to-day oversight of automation initiatives across multiple cybersecurity operations teams. The Cybersecurity Automation Team Leadpartners with cybersecurity and technology teams to drive efficiency, reduce response times, and strengthen the organization’s overall cyber defense posture.

Primary Responsibilities:

• Lead the design, development, and implementation of security automation workflows using SOAR platforms, driving operational efficiency and enhancing incident response capabilities.
• Collaborate closely with Threat Intelligence, SOC, Threat Hunting, and Incident Response teams to identify automation opportunities that strengthen threat detection, investigation, and response processes.
• Develop and maintain automated playbooks and runbooks that align with threat intelligence, MITRE ATT&CK framework, and organizational risk priorities.
• Mentor and coach a team of cybersecurity automation engineers, providing technical leadership, guidance on best practices, and career development support.
• Establish and monitor metrics for automation initiatives, providing regular reporting to senior cybersecurity leadership on performance improvements and risk reduction outcomes.
• Ensure all automation initiatives comply with cybersecurity governance standards, policies, and regulatory requirements, including documentation of workflows, controls, and change management procedures.
• Build strong partnerships with stakeholders to ensure immediate function(s) of oversight meets the Cybersecurity objectives.
• Exercise usual authority of a manager concerning staffing, performance appraisals, promotions, salary recommendations, performance management and terminations.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
• Promote an environment that supports belonging and reflects the M&T Bank brand.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

Scope of Responsibilities:

• Primary partners: Cybersecurity Senior Managers and Managers.
• Stakeholders: Technology team and the Bank.
• Work is accomplished with limited direction; translates Cybersecurity imperatives to objectives within team.
• Oversees 1 or more function(s)/team(s) within Cybersecurity.
• Typically leads a team of 5-10 FTEs (entry to mid-level individual contributors).
• Provides input for budget as it pertains to specific team needs, and accountable for meeting budget.
• This role manages one or more functions/teams/departments within Cybersecurity:
  • Operations and Threat – proactively identify, analyze, and respond to cyber threats, ensuring the Bank's digital assets are secure and resilient against potential risks and attacks. Functions/teams may include security operations center, governance & oversight, insider threat, data loss prevention, threat intel & hunt, incident response, detection & protection engineering
  • Security Engineering – design, implementation, and management of robust security measures and systems to protect digital assets, data, and networks from cybersecurity threats and unauthorized access. It encompasses various disciplines such as network security, access controls, and threat protection and detection, with the overarching goal of ensuring the confidentiality, integrity, and availability of information in the face of evolving cybersecurity risks

Manager Responsibility:

Typically leads a team of 5-10 FTEs (entry to mid-level individual contributors)

Education and Experience Required:

• Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience
• Demonstrated advanced knowledge of Cybersecurity principles.
• Minimum 4 years’ work experience in/with the specific cybersecurity function.
• Minimum 1 year’s managerial experience.

Education and Experience Preferred:

• Minimum of 2 years’ managerial experience.
• Proven ability to train and mentor cybersecurity individual contributors.
• Excellent communication skills
• Excellent interpersonal skills.
• Proficient persuasive communication skills to gain buy-in of others.
• Experience prioritizing across competing priorities and quickly changing landscape.
• Experience in a highly regulated industry environment.
• Understanding of financial services regulations, compliance requirements, and risk management practices.

M&T Bank is committed to fair, competitive, and market-informed pay for our employees. The pay range for this position is $121,698.75 - $202,831.26 (USD). The successful candidate’s particular combination of knowledge, skills, and experience will inform their specific compensation. Location Wilmington, Delaware, United States of America