Advanced Insider Threat Sr. Specialist

Charlotte, VT - USA

Monthly Salary: Not Disclosed

Posted on: 2 days ago

Vacancies: 1 Vacancy

Job Summary

Job Description:

At Bank of America we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients teammates communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace attracting and developing exceptional talent supporting our teammates physical emotional and financial wellness recognizing and rewarding performance and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America you can build a successful career with opportunities to learn grow and make an impact. Join us!

Job Description:

This role is responsible for assessing the banks technologies applications and overall security controls to identify potential nation-state insider threat risks and vulnerabilities that may impact Bank of Americas information security. Key responsibilities include developing a better understanding of Bank of Americas Global Information Security policy and relevant cyber security threats to complete security assessments. Job expectations include developing technical subject matter expertise to support partners and adapting testing methods to emerging cyber security regulations and evolving threats.

The individual will serve as a liaison with Human Resources Internal Enterprise Investigations Compliance and Employee Relations-related investigations; ensuring effective support of these cases as well as developing and ensuring ongoing and strategic engagement and routines with key individual will have accountability for evolving our support model including automation opportunities and thematic analysis and collaboration to drive control additions and improvements where needed. The individual will demonstrate extraordinary organizational and cross-functional collaboration skills to drive analytics and investigations to threats throughout the Enterprise.

Responsibilities:

Assesses systems controlling access to bank resources for compliance to security policies and controls by utilizing external threat frameworks internal threat intelligence and systems documentation
Analyzes improves implements and executes security controls proactively to identify risks of state-sponsored threat actors accessing associates resources or intellectual property
Engage with senior leaders across the enterprise; collaborate with data science threat research Cyber Threat Hunt Intelligence and Defense teams to identify opportunities to build and respond to nation-state directed insider tactics and techniques
Developing and documenting new and innovative insider hunt hypotheses to increase the teams ability to find existing insider threats
Leverages risk management practices and internal escalation processes to document findings for remediation
Monitors new threats and complex attempts to compromise security controls while developing a deep expertise in the early lifecycle for security techniques to identify vulnerabilities before they present a risk to the bank
Develops strong internal and external partnerships by demonstrating operational expertise as a subject matter expert in counterintelligence matters
Navigates and works effectively including organizing response communication plans and executive updates across a complex geographically dispersed organization and team

Required qualifications:

7 years of experience working counterintelligence investigations with demonstrated knowledge in identifying detecting and mitigating nation-state cyber threats and hostile nation state threat actors
5-7 years of relevant work experience leading teams and conducting intelligence analysis involving complex threats from nation state actors.
Demonstrated ability to identify analyze and address cyber security issues or threats including emerging tactics or techniques
Proficiency with executive-level tracking and reporting including expertise in Jira and Excel
Must be comfortable presenting to a wide spectrum of individuals having varying degrees of technical understanding
Strong program management skills
Ability to work independently with little oversight managing multiple investigations simultaneously
Demonstrated vendor management skills
Strong communication writing and analytical skills along with problem solving and conceptual thinking skills.
Extensive knowledge of all domains within Information Security
Expertise in insider threat and associated risk detection and mitigation practices
High proficiency with forensic tools (ENCASE) CrowdStrike and other similar investigative and/or monitoring tools
Direct experience working with very large datasets and log analysis tools including but not limited to: Splunk Python SQL
Correlation analysis ofexisting case types and escalations
Excellent organizational skills to manage caseload projects and ad hoc requests
Familiarity with participating in and driving incident response events
Demonstrated ability in applying strong criticalthinking skills to strategize innovate and develop creative solutions to complex problems in fastpaced environment
Ability to resolve issues with minimal negative impact and risk to the organization
Must have extensive knowledge of all steps of the intelligence process and demonstrated ability to transform raw data into actionable cyber risk mitigation outcomes

Desired qualifications:

At least 10 years of experience working with classified/sensitive information
At least 10 years of experience working national security threats within the law enforcement/intelligence community
Experience in the remediation of information security risks/vulnerabilities
Credibility necessary to establish relationships and lead collaborative exchanges with peer financial institutions and US Government Agencies.

Skills:

Cyber Security
Data Privacy and Protection
Problem Solving
Process Management
Threat Analysis
Access and Identity Management
Business Acumen
Interpret Relevant Laws Rules and Regulations
Risk Analytics
Stakeholder Management
Data Governance
Data and Trend Analysis
Incident Management
Information Systems Management
Technology System Assessment

Shift:

1st shift (United States of America)

Hours Per Week:

Required Experience:

Senior IC

Job Description:At Bank of America we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients teammates communities and shareholders every day.Being a Great Place to Work is core...

Job Description:

Responsibilities:

Assesses systems controlling access to bank resources for compliance to security policies and controls by utilizing external threat frameworks internal threat intelligence and systems documentation
Analyzes improves implements and executes security controls proactively to identify risks of state-sponsored threat actors accessing associates resources or intellectual property
Engage with senior leaders across the enterprise; collaborate with data science threat research Cyber Threat Hunt Intelligence and Defense teams to identify opportunities to build and respond to nation-state directed insider tactics and techniques
Developing and documenting new and innovative insider hunt hypotheses to increase the teams ability to find existing insider threats
Leverages risk management practices and internal escalation processes to document findings for remediation
Monitors new threats and complex attempts to compromise security controls while developing a deep expertise in the early lifecycle for security techniques to identify vulnerabilities before they present a risk to the bank
Develops strong internal and external partnerships by demonstrating operational expertise as a subject matter expert in counterintelligence matters
Navigates and works effectively including organizing response communication plans and executive updates across a complex geographically dispersed organization and team

Required qualifications:

7 years of experience working counterintelligence investigations with demonstrated knowledge in identifying detecting and mitigating nation-state cyber threats and hostile nation state threat actors
5-7 years of relevant work experience leading teams and conducting intelligence analysis involving complex threats from nation state actors.
Demonstrated ability to identify analyze and address cyber security issues or threats including emerging tactics or techniques
Proficiency with executive-level tracking and reporting including expertise in Jira and Excel
Must be comfortable presenting to a wide spectrum of individuals having varying degrees of technical understanding
Strong program management skills
Ability to work independently with little oversight managing multiple investigations simultaneously
Demonstrated vendor management skills
Strong communication writing and analytical skills along with problem solving and conceptual thinking skills.
Extensive knowledge of all domains within Information Security
Expertise in insider threat and associated risk detection and mitigation practices
High proficiency with forensic tools (ENCASE) CrowdStrike and other similar investigative and/or monitoring tools
Direct experience working with very large datasets and log analysis tools including but not limited to: Splunk Python SQL
Correlation analysis ofexisting case types and escalations
Excellent organizational skills to manage caseload projects and ad hoc requests
Familiarity with participating in and driving incident response events
Demonstrated ability in applying strong criticalthinking skills to strategize innovate and develop creative solutions to complex problems in fastpaced environment
Ability to resolve issues with minimal negative impact and risk to the organization
Must have extensive knowledge of all steps of the intelligence process and demonstrated ability to transform raw data into actionable cyber risk mitigation outcomes

Desired qualifications:

At least 10 years of experience working with classified/sensitive information
At least 10 years of experience working national security threats within the law enforcement/intelligence community
Experience in the remediation of information security risks/vulnerabilities
Credibility necessary to establish relationships and lead collaborative exchanges with peer financial institutions and US Government Agencies.

Skills: