Bank of America
Cyber Threat Intelligence Analyst
Bank of America, Charlotte, North Carolina, United States, 28245
Client:
Bank of America Location:
HYBRID 3 days onsite in Charlotte, NC Contract:
Can extend to 18 months The Cyber Crime Defense function within Global Information Security is responsible for working across the enterprise to reduce exposure to cybercrime thereby instilling continued confidence of our clients, customers, and shareholders. The Cyber Crime Disruption Analyst is responsible to assist in executing the overall Cyber Crime Disruption strategy. The candidate will provide specialized support across various lines of business enabling strategic fraud response actions. The candidate will work with technical teams to identify cyber-crime activities in flight, as well as provide specialized technical expertise to facilitate daily operational disruption activities. The candidate will review social engineering attack activities to evaluate greater response possibilities, assist with the development of interview strategies, criminal actor attribution, analyze novel techniques or tactics and support organizational awareness activities. The candidate will also work closely with Cyber-Threat Intelligence analysts, fraud analysts and on analytic projects supporting the banks initiatives to minimize the banks exposure to cyber-crime. Responsibilities: Maintain an operational understanding of social engineering techniques and tradecraft, including familiarity with latest attack trends Manage operational risks related to ongoing social engineering disruption and response actions and implement mitigation steps Review collected technical data to identify potential indicators of threat activity, and evaluate threats for response options Prepare in-depth threat activity reports detailing social engineering activities, identified indicators, victim identification, and other relevant essential elements of information (EEIs) Provide coaching on active tactics, and techniques supporting SEER operational efforts Identify novel social engineering tradecraft for inclusion in GIS threat reporting Coordinate cyber-crime disruption efforts, integrating global teams and operations groups managing complex problem sets Enable cross-functional stakeholders to identify gaps, develop solutions, and facilitate implementation Establish trusted relationships with key cross-functional business partners including multiple product teams, regional offices, and support functions Leverage knowledge of information security principles to mitigate financial crime and cyber-crime related activities Lead collaboration with peers, industry associations, law enforcement, and other trusted groups Build strategic partnerships across the company to reduce operational exposure to cyber-crime Must be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding Prepare and present on social engineering threat activities relative to company customers and clients Requirements: 5+ years of experience in Cyber Threat Intelligence Experience collecting, analyzing, and actioning Threat Intelligence Must demonstrate extensive knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors Ability to provide expert guidance on threat trends, analysis methods, and defensive strategies to senior management and key stakeholders Strong technical experience performing OSINT investigations Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors Technical experience with Threat Intelligence tools such as Passive DNS, Network Flow Analysis, Maltego, Virus Total, URLScan, etc. Ability to analyze threats and distill common Indicators of Attack and Indicators of Compromise Technical experience with defensive tools for actioning threat intelligence including tools like SIEM/Splunk, EDR, Big Data Platforms, etc. Deep experience working with industry-wide frameworks and standards like MITRE ATTCK Ability to navigate and work effectively across a complex, geographically dispersed organization Experience with threat intelligence vendors and platforms
Bank of America Location:
HYBRID 3 days onsite in Charlotte, NC Contract:
Can extend to 18 months The Cyber Crime Defense function within Global Information Security is responsible for working across the enterprise to reduce exposure to cybercrime thereby instilling continued confidence of our clients, customers, and shareholders. The Cyber Crime Disruption Analyst is responsible to assist in executing the overall Cyber Crime Disruption strategy. The candidate will provide specialized support across various lines of business enabling strategic fraud response actions. The candidate will work with technical teams to identify cyber-crime activities in flight, as well as provide specialized technical expertise to facilitate daily operational disruption activities. The candidate will review social engineering attack activities to evaluate greater response possibilities, assist with the development of interview strategies, criminal actor attribution, analyze novel techniques or tactics and support organizational awareness activities. The candidate will also work closely with Cyber-Threat Intelligence analysts, fraud analysts and on analytic projects supporting the banks initiatives to minimize the banks exposure to cyber-crime. Responsibilities: Maintain an operational understanding of social engineering techniques and tradecraft, including familiarity with latest attack trends Manage operational risks related to ongoing social engineering disruption and response actions and implement mitigation steps Review collected technical data to identify potential indicators of threat activity, and evaluate threats for response options Prepare in-depth threat activity reports detailing social engineering activities, identified indicators, victim identification, and other relevant essential elements of information (EEIs) Provide coaching on active tactics, and techniques supporting SEER operational efforts Identify novel social engineering tradecraft for inclusion in GIS threat reporting Coordinate cyber-crime disruption efforts, integrating global teams and operations groups managing complex problem sets Enable cross-functional stakeholders to identify gaps, develop solutions, and facilitate implementation Establish trusted relationships with key cross-functional business partners including multiple product teams, regional offices, and support functions Leverage knowledge of information security principles to mitigate financial crime and cyber-crime related activities Lead collaboration with peers, industry associations, law enforcement, and other trusted groups Build strategic partnerships across the company to reduce operational exposure to cyber-crime Must be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding Prepare and present on social engineering threat activities relative to company customers and clients Requirements: 5+ years of experience in Cyber Threat Intelligence Experience collecting, analyzing, and actioning Threat Intelligence Must demonstrate extensive knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors Ability to provide expert guidance on threat trends, analysis methods, and defensive strategies to senior management and key stakeholders Strong technical experience performing OSINT investigations Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors Technical experience with Threat Intelligence tools such as Passive DNS, Network Flow Analysis, Maltego, Virus Total, URLScan, etc. Ability to analyze threats and distill common Indicators of Attack and Indicators of Compromise Technical experience with defensive tools for actioning threat intelligence including tools like SIEM/Splunk, EDR, Big Data Platforms, etc. Deep experience working with industry-wide frameworks and standards like MITRE ATTCK Ability to navigate and work effectively across a complex, geographically dispersed organization Experience with threat intelligence vendors and platforms