girl looking into her desktop
Back to search results

Cyber Resilience Exercise Planner

Addison, Texas;

Job Description:

Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

Exercise planners are key components in the organization’s strategy to improve cyber preparedness and reduce risk. Cyber Exercise Planners contribute to the training and coordination between various cyber security organizations and the Bank's lines of business. Exercise Planners design, develop, conduct and evaluate cyber exercises, working with Cyber Security Defense and Business Information Security Officers to identify cyber risks, design threat scenarios, identify key stakeholders and participants, and execute the exercise against the planned scenarios. Exercises range from discussion-based to operations-based exercises, to include range-based exercises.  Planners will be expected to work in a dynamic, fast-paced environment to design multiple exercises on a yearly plan. Planners will receive broad exposure across multiple organizational units and levels of leadership. Applicants should have a proven track record of being able to navigate successfully across organizational lines, a solid foundation of cyber security knowledge and demonstrated performance designing and executing a variety of exercise types, to include range-based exercises.

Required Skills:

• Have a foundational understanding of information technology and security concepts

• Have a foundational understanding of exercise and test concepts used to evaluate staff skill levels, operational risk and security effectiveness

• Ability to capture actions taken by the exercise participants through direct observation, monitoring of communications between participants and direct interaction with participants. Analyze the data and provide realistic and insightful conclusions

• Ability to design executive level summaries aimed at driving action and demonstrating success

• Have a strong sense of teamwork that enables you to work with peers and various levels of management

• Effective written and oral communication skills in both group and individual settings

• Ability to facilitate and control a room of people and guide them through the exercise in order to achieve the goals

• Proven record of being able to navigate successfully across organizational lines

• Ability to communicate threat actor techniques, tactics and procedures (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact likelihood, containment and remediation activities

• Excellent organizational and analytical skills with an ability to prioritize conflicting tasks and handle multiple work efforts in a fast paced environment

• Experience in an operations focused Information Security role

• Familiarity with network security vulnerabilities, exploits and attacks

• Have a foundational understanding of range technology and exercise concepts used to evaluate participating teams                                                          

Desired Skills:

• Project Management proficiency:  Manages planning and delivery of exercise milestones, ensures design and development stay on target, identifies and escalates issues and risks, develops high quality deliverables and manages exercise lifecycle to conclusion

• Bachelor’s degree in Information Technology or related field

• Technical or Information Security Qualifications

• Demonstrated experience in the design, development, conduct and evaluation of exercises

• Understanding of the cyber threat landscape with knowledge of emerging technologies and trends

• Knowledge of and experience working in finance sector linked information security collaboration groups

• Range exercise proficiency:  Demonstrated experience in the design, development, execution and evaluation of cyber range exercises   

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

Exercise planners are key components in the organization’s strategy to improve cyber preparedness and reduce risk. Cyber Exercise Planners contribute to the training and coordination between various cyber security organizations and the Bank's lines of business. Exercise Planners design, develop, conduct and evaluate cyber exercises, working with Cyber Security Defense and Business Information Security Officers to identify cyber risks, design threat scenarios, identify key stakeholders and participants, and execute the exercise against the planned scenarios. Exercises range from discussion-based to operations-based exercises, to include range-based exercises.  Planners will be expected to work in a dynamic, fast-paced environment to design multiple exercises on a yearly plan. Planners will receive broad exposure across multiple organizational units and levels of leadership. Applicants should have a proven track record of being able to navigate successfully across organizational lines, a solid foundation of cyber security knowledge and demonstrated performance designing and executing a variety of exercise types, to include range-based exercises.

Required Skills:

• Have a foundational understanding of information technology and security concepts

• Have a foundational understanding of exercise and test concepts used to evaluate staff skill levels, operational risk and security effectiveness

• Ability to capture actions taken by the exercise participants through direct observation, monitoring of communications between participants and direct interaction with participants. Analyze the data and provide realistic and insightful conclusions

• Ability to design executive level summaries aimed at driving action and demonstrating success

• Have a strong sense of teamwork that enables you to work with peers and various levels of management

• Effective written and oral communication skills in both group and individual settings

• Ability to facilitate and control a room of people and guide them through the exercise in order to achieve the goals

• Proven record of being able to navigate successfully across organizational lines

• Ability to communicate threat actor techniques, tactics and procedures (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact likelihood, containment and remediation activities

• Excellent organizational and analytical skills with an ability to prioritize conflicting tasks and handle multiple work efforts in a fast paced environment

• Experience in an operations focused Information Security role

• Familiarity with network security vulnerabilities, exploits and attacks

• Have a foundational understanding of range technology and exercise concepts used to evaluate participating teams                                                          

Desired Skills:

• Project Management proficiency:  Manages planning and delivery of exercise milestones, ensures design and development stay on target, identifies and escalates issues and risks, develops high quality deliverables and manages exercise lifecycle to conclusion

• Bachelor’s degree in Information Technology or related field

• Technical or Information Security Qualifications

• Demonstrated experience in the design, development, conduct and evaluation of exercises

• Understanding of the cyber threat landscape with knowledge of emerging technologies and trends

• Knowledge of and experience working in finance sector linked information security collaboration groups

• Range exercise proficiency:  Demonstrated experience in the design, development, execution and evaluation of cyber range exercises   

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21044222

Band: H5

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Nicolas Skaric

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$90,000 - $136,500 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the Corporate Performance Incentive Plan. Qualified employees are eligible for an annual discretionary award based on their overall individual results and behaviors performance at year-end (limited roles may also qualify for incentives during performance year).

Benefits

This role is eligible for all usual company benefits. At Bank of America, our employees are the foundation of our success. That’s why we’re committed to offering a variety of competitive programs and benefits that support your physical, emotional and financial wellness both at work and at home.