Back to search results

AVP / VP, Vulnerability Analyst (Exposure Analysis & Assurance), Global Information Security

Singapore, Singapore

Job Description:

About Bank of America:

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the World

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Position Description

Background: The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

The Vulnerability Analyst role supports all Vulnerability Management activities by leveraging analytic and technical skills to assess cyber security related risks. As a key team member you will understand and report on risks that impact the organization, and prioritize remediation activities.

Key Responsibilities

  • Responsibilities include, but are not limited to:
  • Analyze disclosed vulnerabilities, threat scenarios, and mitigating controls.
  • Research and evaluate threats and vulnerabilities to assist in prioritization of remediation actions.
  • Review and validate vulnerabilities using available data sources, tools and identifying new data sources as needed.
  • Advise stakeholders on appropriate remediation & mitigation solutions.
  • Leverage creativity and influence to enhance the Vulnerability & Exposure Analysis program.

Key Requirements

  • 3+ years’ experience in Cyber Security
  • Experience as a Vulnerability or Threat Analyst
  • Understanding of Vulnerability Management principles
  • Understanding of Risk Assessment Methodologies
  • Knowledge of industry standard scoring models such as CVSS, CCSS
  • Knowledge of industry standard data models such as CPE and data normalization tools
  • Process oriented with keen attention to detail
  • Ability to proactively anticipate problems and execute solutions
  • Wide knowledge of application and IT products, interoperability, and extensive knowledge of IT security
  • Knowledge of application development platforms
  • Strong work ethic and ability to effectively multi-task in a fast paced support environment
  • A broad knowledge of information security principles
  • Ability to work independently on initiatives with little oversight.  Highly motivated and willing to learn
  • Strong analytical skills/problem solving/conceptual thinking
  • Effective communication skills
  • Knowledge of vulnerability attack methods, exploit results, attack chains
  • Ability to think strategically and execute against a strategic plan
  • Bachelor’s degree or equivalent work experience

Learn more about this role

Full time


Manages People:


Talent Acquisition Contact:

Referral Bonus:

Check out the Singapore office

Our office is near favourite Seah Im Food Centre and a short hop to Sentosa—a popular island resort and home of the Merlion, Singapore’s guardian of prosperity.

Close-up side shot of the words Bank of America Merrill Lynch on outside office wall

Street Address

Primary Location:
2 HARBOURFRONT PLACE, #02-01, Singapore, 098499