Information Security Threat Management Specialist

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Position Summary:

This job is responsible for assessing the bank's technologies, applications, and overall security controls to identify potential risks and vulnerabilities that may impact Bank of America's information security. Key responsibilities include developing a better understanding of Bank of America's Global Information Security policy and relevant cyber security threats to complete security assessments. Job expectations include developing technical subject matter expertise to support partners, and adapting testing methods to emerging cyber security regulations and evolving threats.

Responsibilities:

• Assesses systems controlling access to bank resources for compliance to security policies and controls by utilizing external threat frameworks, internal threat intelligence, and systems documentation

• Analyzes, improves, implements, and executes security controls proactively to identify risks of threat actors from infiltrating company systems or information

• Leverages risk management practices, and internal escalation processes to document findings for remediation

• Monitors new threats and complex attempts to compromise security controls while developing a deep expertise in the early lifecycle for security techniques to identify vulnerabilities before they present a risk to the bank

• Develops strong partnerships by demonstrating operational expertise as a subject matter expert

Skills:

• Critical Thinking

• Customer and Client Focus

• Information Systems Management

• Problem Solving

• Threat Analysis

• Cyber Security

• Policies, Procedures, and Guidelines Management

• Quality Assurance

• Risk Analytics

• Technology System Assessment

• Business Acumen

• Business Intelligence

• Data Privacy and Protection

• Data and Trend Analysis

• Stakeholder Management

Required qualifications:

• 3-5 years working counterintelligence investigations with demonstrated knowledge of hostile nation state threats

• Bachelor’s degree in Information Technology and/or International Studies

• A broad knowledge of computer networking, log analysis, information security principles, and adversarial tools and techniques

• Demonstrated ability to identify, analyze and address cyber security issues or threats, including emerging tactics or techniques

• Proficiency with executive-level tracking and reporting, including expertise in Jira and Excel

• Must be comfortable presenting to a wide spectrum of individuals having varying degrees of technical understanding

• Strong project management skills

• Strong program management skills

• Ability to work independently with little oversight managing multiple investigations simultaneously

• Demonstrated vendor management skills

• Strong analytical skills/problem solving/conceptual thinking

• Ability to resolve issues with minimal negative impact and risk to the organization.

Desired qualifications:

• At least 10 years of experience working with classified/sensitive information

• At least 10 years of experience working national security threats within the law enforcement/intelligence community

• At least 10 years of experience working in a task force environment

• Advanced degree in Information Technology and/or International Studies

• Experience in the remediation of information security risks/vulnerabilities

Shift:

1st shift (United States of America)

Hours Per Week: 

40