Lead Threat Detection Engineer

Overview

Responsible for designing, developing, and enhancing threat detection capabilities across the organization’s detection platforms. The primary focus will be the creation and optimization of threat detection use cases, leveraging advanced tools and techniques to identify and mitigate cyber threats in real time through the collaborate with cross-functional teams to ensure that the threat detection solutions align with the organization’s security strategy and address emerging threats effectively.

Completes day-to-day support activities and special projects.

• Design and implement advanced detection architectures across the organization’s security landscape, utilizing SIEM, EDR, NDR, and cloud security platforms. Ensure the detection infrastructure scales to handle the growing complexity and volume of enterprise threats.
• Lead the development and refinement of complex, high-fidelity detection use cases, custom correlation rules, and detection models tailored to the organization’s unique risk profile and threat landscape.
• Architect and implement advanced methods for the integration and fusion of internal, external, and commercial threat intelligence sources. Build and refine correlation techniques to identify sophisticated, multi-vector attacks, leveraging threat intelligence and behavioral analysis.
• Continuously enhance and optimize detection techniques, reducing alert fatigue and improving detection accuracy by applying advanced techniques like statistical analysis, machine learning, and automation. Implement continuous feedback loops to refine use cases and reduce false positives.
• Develop and implement automation and orchestration for complex systems to streamline security operations and response activities.
• Lead collaboration efforts with Cybersecurity and Technology teams to effectively implement and maintain security solutions for the organization.
• Lead improvement initiatives within Cybersecurity team, implementing best practices and optimizing processes to enhance security capabilities.
• Actively partner with vendor to optimize security products and/or drive resolution of complex support issues.
• Understand and adhere to the Company’s risk and regulatory standards, policies, and controls in accordance with the Company’s Risk Appetite. Design, implement, maintain, and enhance internal controls to mitigate risk on an ongoing basis. Identify risk-related issues needing escalation to management.
• Maintain M&T internal control standards, including timely implementation of internal and external audit points together with any issues raised by external regulators as applicable.
• Complete other related duties as assigned.

• This role is used in one or more of the following cybersecurity function:
• Detection Engineering – develops and deploys systems and processes to identify and respond to cybersecurity threats and incidents in real-time, aiming to minimize the impact of security events.
• Partners primarily with individual contributors and leaders within Cybersecurity and Technology, occasionally senior leaders within Cybersecurity
• Exercises judgement in selecting methods, techniques, and criteria in executing objectives. Exerts significant latitude in determining objective of assignment. Work is accomplished with limited direction.
• Advanced ability to use multiple Cybersecurity tools, specific to function.

No supervisory responsibilities.

• Bachelor's degree and a minimum of 5 years’ relevant work experience, or in lieu of a degree, a combined minimum of 9 years’ higher education and/or work experience

• In-depth experience in developing, testing, and refining advanced detection use cases, correlation rules, and automated workflows based on security data.
• Proficiency in designing and managing security data models to structure and optimize log data for efficient querying, reporting, and analysis. Experience in transforming raw security logs into actionable data for continuous monitoring and threat hunting.
• Experience in leveraging advanced analytics capabilities such as statistical…