Bank of America
Cyber Threat Intelligence Senior Analyst
Bank of America, Washington, District of Columbia, us, 20022
Job Description:At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.The Cyber Threat Intelligence team works with partners, both internal and external, in order to reduce risk to the Bank and to the financial sector at large. The team provides timely situational awareness, conducts deep analysis of threats, and translates indicators of threat into actionable information to reduce impact to the bank. Stakeholders include cyber-security response teams, internal lines of business, senior leadership, and external organizations such as law enforcement, industry peers, and intelligence sharing partners.Position:
Cyber Threat Intelligence Senior AnalystResponsibilities include, but are not limited to:Working in a tactical/strategic role cultivating intelligence sources, analyzing information, creating intelligence, and hunting for exposures or related incidents.Researching current and emerging threats, malware analysis, campaign assessment, data collection, and analysis.Researching threat actors and cultivating and assessing new sources of threat information and intelligence.Collecting, assessing, and cataloguing threat indicators and adding context to convey urgency, severity, and credibility.Risk management.Maintaining knowledge of the threat landscape by monitoring OSINT and related sources.Tracking cyber threat actors and their infrastructure with a view to disrupting their activity.Collaborating with appropriate business partners and lines of business to analyze threats.Escalating issues to management in a timely manner with appropriate information regarding risk and impact.Exercising independent judgment in methods, techniques, and evaluation criteria for obtaining results.Participating in technical bridge lines to facilitate the identification, mitigation, and containment of cyber-security incidents.Drafting well-written analytical assessments and providing briefings to response teams, enterprise counterparts, and senior leadership on key issues.Mentoring and developing other analysts on the team.Required Skills:Minimum of 10 years of InfoSec experience tracking and reporting on cyber threats.Experience as an intelligence analyst, and/or malware analyst is necessary.Technical or information security certifications are a strong plus.Excellent organizational and analytical skills.Ability to communicate (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood, containment, and remediation activities.Excellent written and verbal communication skills.Ability to juggle multiple work efforts in a fast-paced environment and to quickly change direction as needed.Strong influencing skills.Ability to prioritize conflicting tasks.Proven experience with Information Security related activities.Experience in an operations focused information security role.Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.Familiarity with security vulnerabilities, exploits, malware, and digital forensics.Familiarity with network security vulnerabilities, exploits, and attacks.Familiarity with most operating systems, particularly UNIX and Windows.Ability to work in a strong team-oriented environment with a sense of urgency and resilience whilst able to work independently.Ability to work effectively with technical and non-technical business owners.Firm understanding of the cyber threat landscape.Knowledgeable of emerging technologies and trends and able to identify strategic trends that may impact the bank.Inquisitive mindset and ability to translate raw data into actionable intelligence.Desired Skills:Bachelor’s or higher degree desired.Advanced degree in International Affairs or similar field a strong plus.Technical or information security certifications are also a strong plus.Foreign language fluency (Russian/Arabic/Farsi/Chinese/Korean) desired.Experience reporting on the cybercriminal threat.This job will be open and accepting applications for a minimum of seven days from the date it was posted.Shift:
1st shift (United States of America)Hours Per Week:
40
#J-18808-Ljbffr
Cyber Threat Intelligence Senior AnalystResponsibilities include, but are not limited to:Working in a tactical/strategic role cultivating intelligence sources, analyzing information, creating intelligence, and hunting for exposures or related incidents.Researching current and emerging threats, malware analysis, campaign assessment, data collection, and analysis.Researching threat actors and cultivating and assessing new sources of threat information and intelligence.Collecting, assessing, and cataloguing threat indicators and adding context to convey urgency, severity, and credibility.Risk management.Maintaining knowledge of the threat landscape by monitoring OSINT and related sources.Tracking cyber threat actors and their infrastructure with a view to disrupting their activity.Collaborating with appropriate business partners and lines of business to analyze threats.Escalating issues to management in a timely manner with appropriate information regarding risk and impact.Exercising independent judgment in methods, techniques, and evaluation criteria for obtaining results.Participating in technical bridge lines to facilitate the identification, mitigation, and containment of cyber-security incidents.Drafting well-written analytical assessments and providing briefings to response teams, enterprise counterparts, and senior leadership on key issues.Mentoring and developing other analysts on the team.Required Skills:Minimum of 10 years of InfoSec experience tracking and reporting on cyber threats.Experience as an intelligence analyst, and/or malware analyst is necessary.Technical or information security certifications are a strong plus.Excellent organizational and analytical skills.Ability to communicate (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood, containment, and remediation activities.Excellent written and verbal communication skills.Ability to juggle multiple work efforts in a fast-paced environment and to quickly change direction as needed.Strong influencing skills.Ability to prioritize conflicting tasks.Proven experience with Information Security related activities.Experience in an operations focused information security role.Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.Familiarity with security vulnerabilities, exploits, malware, and digital forensics.Familiarity with network security vulnerabilities, exploits, and attacks.Familiarity with most operating systems, particularly UNIX and Windows.Ability to work in a strong team-oriented environment with a sense of urgency and resilience whilst able to work independently.Ability to work effectively with technical and non-technical business owners.Firm understanding of the cyber threat landscape.Knowledgeable of emerging technologies and trends and able to identify strategic trends that may impact the bank.Inquisitive mindset and ability to translate raw data into actionable intelligence.Desired Skills:Bachelor’s or higher degree desired.Advanced degree in International Affairs or similar field a strong plus.Technical or information security certifications are also a strong plus.Foreign language fluency (Russian/Arabic/Farsi/Chinese/Korean) desired.Experience reporting on the cybercriminal threat.This job will be open and accepting applications for a minimum of seven days from the date it was posted.Shift:
1st shift (United States of America)Hours Per Week:
40
#J-18808-Ljbffr