11 Jun
GIS Proactive Insider Threat Specialist - Cyber Security Defense
District of Columbia, Washington, 20001 Washington USA

Vacancy expired!

Job Description: Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team. The Cyber Security Defense (CSD) function within Global Information Security enables the various businesses of Bank of America to conduct operations in a secure, trusted, and safe manner by defending the organization and our customers from cyberattacks. Additionally, the team oversees all aspects of threat intelligence and monitoring, application and network security, access management operations and insider threats. The People Defense organization within CSD investigates risks and protects against threats posed to the bank by insiders and works closely with peer teams across CSD and the enterprise to ensure comprehensive and proactive controls and monitoring are in place to detect and mitigate insider risks.

In this role, the Proactive Insider Threat Specialist is responsible for conducting the daily proactive insider threat strategy activities, including user behavior alerting analysis, and for completing proactive high-risk population assessments. They will engage across GIS to coordinate insider threat controls and visibility to aggregate insider risk, support GIS initiatives to evolve insider controls, and drive the operationalization of new tools and technology related to identifying and preventing insider threats. The individual will work with colleagues who have deep knowledge of security processes and procedures, best practices, and threat analysis to perform in-depth advanced log, system, and process analytics in order to pursue and prove or disprove hypotheses relating to anomalous and/or malicious activity. They will also be responsible for helping develop new detection and alerting methods based on insider threat use cases.

The individual will demonstrate extraordinary organizational and cross-functional communication skills to drive analytics and investigations into threats throughout the Enterprise. In this role, you will work with all operational and technical teams within Global Information Security (GIS) in order to gain insight into critical controls and architectural specifics to develop analytics that identify anomalous and/or malicious behavior accurately while maintaining a true low false positive rate. This individual will support the team's insider threat strategy, including the insider threat hunting function, serving as a thought leader in the design of cutting-edge detective, preventative, and proactive controls. Candidates must be willing to be enrolled in the AIM (Associate Investment Monitoring) program and operate under a Non-Disclosure Agreement. The role may require non-traditional work hours and include on-call duties during nights and weekends. Responsibilities include, but are not limited to:

  • Conduct insider threat activity monitoring, alerting triage, and threat hunt operations
  • Review alerts, determine risk, and take appropriate response actions while thoroughly documenting analysis steps
  • Focus on reducing insider threat risk via proactive assessments, education, and new control implementation initiatives
  • Conduct trend analysis and research using data resources and collaborate with partners to identify insider risk and/or areas for improvement
  • Coordinate with existing control owners and leadership to guide the research, design, engineering, implementation, and operation of the next generation of information security technologies and processes that address insider risk holistically, and work effectively across a complex, geographically dispersed organization
  • Maintain an awareness of industry challenges and advancements in order to add value to existing technologies and processes used within the team
  • Complete written reports in compliance with current reporting procedures and policies; must have the ability to write and present detailed, concise, and accurate reports to senior leadership
Required Skills:
  • Experience with analytics across complex data sources
  • Exceptional oral and written communication skills and ability to interact effectively with technical and non-technical audiences including stakeholders and Senior Management
  • Demonstrate ability to self-direct project outcomes with minimal supervision to achieve program goals
  • Curiosity, diversity of thought, critical thinking, willingness to learn, and persistence to identify risk
  • Ability to navigate and work effectively across a complex, geographically dispersed organization
Desired Skills:
  • Expertise in insider threat and associated risk detection and mitigation practices
  • Experience with Endpoint Detection & Response (EDR), Security Information and Event Management (SIEM), and/or manual log analysis techniques
  • Working knowledge of all domains within Information Security
  • Understanding of basic Data Science concepts and processes
  • Experience working with industry-wide frameworks and standards like MITRE ATT&CK, STIX, TAXII, and NIST SCAP and offensive strategies and assessment methodology
  • Experience using Python and/or SQL queries to conduct analysis on complex data sources
  • An understanding of human behavior / human psychology
  • Ability to create Splunk searches and dashboards
Shift: 1st shift (United States of America)
Hours Per Week: 40
