Defensive Research – ATM Security Engineer

at Bank of America
Location Addison, TX
Date Posted October 9, 2021
Category Default
Job Type Full-time

Description

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Defensive Research – ATM Security Engineer

As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting for data security incidents. Provides technical support to the client, management and staff in risk assessments and in the implementation of appropriate data security procedures and products. Monitors changes to the threat landscape that could affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various  factors. Exercises good judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Successful candidates for this role typically have 5-7 years of IT experience.

Required skills:

  • Strong understanding of Windows Operating System Internals
  • Solid knowledge of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must have a solid understanding of Windows security logging and endpoint detection and response utilities
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.

Desired skills:

  • Proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Background in Red Teaming and/or Penetration testing
  • Previous experience working in the financial services industry
  • Certifications in OSCP, GPEN, CISSP are a plus

Enterprise Role Overview:

Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

-->

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Defensive Research – ATM Security Engineer

As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting for data security incidents. Provides technical support to the client, management and staff in risk assessments and in the implementation of appropriate data security procedures and products. Monitors changes to the threat landscape that could affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various  factors. Exercises good judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Successful candidates for this role typically have 5-7 years of IT experience.

Required skills:

  • Strong understanding of Windows Operating System Internals
  • Solid knowledge of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must have a solid understanding of Windows security logging and endpoint detection and response utilities
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.

Desired skills:

  • Proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Background in Red Teaming and/or Penetration testing
  • Previous experience working in the financial services industry
  • Certifications in OSCP, GPEN, CISSP are a plus

Enterprise Role Overview:

Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:
Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Defensive Research – ATM Security Engineer

As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting for data security incidents. Provides technical support to the client, management and staff in risk assessments and in the implementation of appropriate data security procedures and products. Monitors changes to the threat landscape that could affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various  factors. Exercises good judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Successful candidates for this role typically have 5-7 years of IT experience.

Required skills:

  • Strong understanding of Windows Operating System Internals
  • Solid knowledge of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must have a solid understanding of Windows security logging and endpoint detection and response utilities
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.

Desired skills:

  • Proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Background in Red Teaming and/or Penetration testing
  • Previous experience working in the financial services industry
  • Certifications in OSCP, GPEN, CISSP are a plus

Enterprise Role Overview:

Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.
Shift:

1st shift (United States of America)

Hours Per Week: 

40

Drop files here browse files ...