girl looking into her desktop
Back to search results

Adaptive Threat Replication Engineer

Denver, Colorado;

Job Description:

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities via vulnerability assessment, penetration testing, and/or social engineering across a wide variety of platforms and systems. Clearly outlines and documents risk impacts of test findings in reports.  Assists Lines of Businesses with questions regarding vulnerabilities and remediation efforts.

The successful candidate will be a team-oriented individual with excellent communication skills at explaining the "so what?" of a vulnerability issue to a non-technical audience. Individual will be expected to work with other members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. Typically 7-10+ years of IT experience, with 5+ of those focused on penetration testing.

Required Skills:
• Must have experience and be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)
• Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
• Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds
• Ability to effectively code in a scripting language (Python, Perl, etc.)
• Desirable certifications: OSCP, GPEN, OSCE
• Previous experience working in the financial industry

(Note: This role may be subject to certification and/or specialized training requirements.)

Enterprise Position Overview: Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities via vulnerability assessment, penetration testing, and/or social engineering across a wide variety of platforms and systems. Clearly outlines and documents risk impacts of test findings in reports.  Assists Lines of Businesses with questions regarding vulnerabilities and remediation efforts.

The successful candidate will be a team-oriented individual with excellent communication skills at explaining the "so what?" of a vulnerability issue to a non-technical audience. Individual will be expected to work with other members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. Typically 7-10+ years of IT experience, with 5+ of those focused on penetration testing.

Required Skills:
• Must have experience and be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)
• Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
• Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
• Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds
• Ability to effectively code in a scripting language (Python, Perl, etc.)
• Desirable certifications: OSCP, GPEN, OSCE
• Previous experience working in the financial industry

(Note: This role may be subject to certification and/or specialized training requirements.)

Enterprise Position Overview: Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21040378

Band: H5

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Nicolas Skaric

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$90,000 - $136,500 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the Corporate Performance Incentive Plan. Qualified employees are eligible for an annual discretionary award based on their overall individual results and behaviors performance at year-end (limited roles may also qualify for incentives during performance year).

Benefits

This role is eligible for all usual company benefits. At Bank of America, our employees are the foundation of our success. That’s why we’re committed to offering a variety of competitive programs and benefits that support your physical, emotional and financial wellness both at work and at home.