SourceBank Of America
Job Description:Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team. The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program. The Cyber Security Intrusion Analyst will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team. This role will be tasked with developing and implementing custom alerts and dashboard monitoring controls based on OSI layer 7 attack and threat indicators. Additional responsibilities in this role include:
- Provide leadership in assessing new threat vectors and designing and implementing effective controls
- Leverage advanced investigative skills using best in class data correlation and network/packet analysis tools
- Partner with senior leaders from lines of business organizations to triage security events, contain security breaches, make recommendations for changes to processes and controls, and provide updates to senior leadership throughout
- Mentor and develop the skill sets of less experienced team members
- Develop and implements processes or controls in support of audit and risk requirements
- Collect evidence and craft responses for both internal audit requests and external regulatory agencies and craft guidelines for them
- Act as a subject matter expert on security policies and help craft guidelines for them
- Strong Splunk skill set. The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network based bank assets.
- Strong Intrusion Analysis background. Resource must be able to identify and interpret web and application logs from various systems.
- Knowledgeable of current exploits. Resource must be able to identify common exploits from the appropriate web and event logs.
- Working knowledge of Linux, Windows, and mobile operating systems.
- Comfortable with scripting languages and regular expressions.
- Strong knowledge common network protocols.
- Working knowledge of enterprise Client / Server architecture
- On call and after hours work can be expected in support of larger security incidents.
- The analyst will use threat intelligence to update existing controls or build new controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team.
- Experience doing packet captures and interpreting them (wireshark for example)
- Understanding of stateful firewalls and able to interpret firewall rules and logs
- Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs
- Full understanding of modern web site deployments and technology
- Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion
- Use tools to detect anomalomalicious data transmissions on the network
- Use advanced analytics / security tools to detect malware on the network
Cyber Security Intrusion Analyst - Cyber Security Defense
Cyber Security Third Party Remediation Analyst
SOC Level 1 Analyst - Cyber Security Operations
SOC Level 2 Sr Analyst - Cyber Security Operations
Cyber Security Analyst