GIS Insider Threat Investigator

Denver, Colorado

Job Description:

The Cyber Security Defense (CSD) function within Global Information Security enables the various businesses of Bank of America to conduct operations in a secure, trusted, and safe manner by defending the organization and our customers from cyberattacks.  Additionally, the team oversees all aspects of threat intelligence and monitoring, application and network security, access management operations and insider threats.  The People Defense organization within CSD investigates risks and protects against threats posed to the bank by insiders and works closely with peer teams across CSD and the enterprise to ensure comprehensive and proactive controls and monitoring are in place to detect and mitigate insider risks.   

The Tactical Insider Response Analyst will be responsible for conducting data analysis of insider threat auditing and monitoring software resources to detect and identify insider risk activities. In addition, you will be required to complete investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest. The role will also require regular collaboration with experts in and out of the team, both in country and in other regions and as such will require excellent communication skills.

Candidates must be willing to be enrolled in the AIM (Associate Investment Monitoring) program and operate under a Non-Disclosure Agreement. The role may require non-traditional work hours and on-call duties to support tactical response partners.

Responsibilities include, but are not limited to:

  • Analyze data and evaluate relevance to a specific incident under investigation
  • Document each stage of the investigation and maintain a focus on case logs and details
  • Present findings via written reports and orally to key stakeholders in clear and concise language
  • Effectively communicate investigative findings to non-technical audiences
  • Ability to interact with and lead discussions with senior Bank executives across different functions and lines of business
  • Ability to manage high risk regional information security incidents by working in conjunction with response partners and other risk teams
  • Ability to navigate and work effectively across a complex organization that is geographically dispersed
  • Maintain an awareness of industry challenges and advancements in order to add value to existing technologies and processes used within the team


Required Skills:

  • 5+ years work experience with an insider threat focus or technical background that could be applied to build methods to identify insider threat risk
  • Curiosity, diversity of thought, critical thinking, willingness to learn, and persistence to identify risk
  • Technical skills to allow a process to be followed methodically and systematically
  • Familiarity with Splunk, ENCASE, and other similar investigative and monitoring tools
  • Exceptional written and oral communication skills and ability to interact effectively with technical and non-technical audiences including stakeholders and Senior Management
  • The ability to learn and discover how unfamiliar technology works
  • Excellent organizational skills to manage caseload, projects and ad hoc requests
  • Report writing skills
  • Project Management skills

Desired Skills:

  • An understanding of human behavior / human psychology or investigative background
  • Technical experience with information security / data loss prevention tools or controls such as Intrusion Detection & Prevention technologies (IDS/IPS) and/or SIEM systems and other data correlation engines.
  • Experience in conducting complex investigations with an Insider Threat emphasis
  • Foundational knowledge in computer forensics, incident response
  • Certifications - Security+, Network+, CEH, CISSP, CCNA, CCNP, EnCE, or other cyber security related certifications
  • Networking/System administration experience
  • Bachelor’s in computer science


 

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Learn more about this role

Full time

JR-21053152

Band: H5

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

Adam Waller

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$82,400 - $127,800 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the Corporate Performance Incentive Plan. Qualified employees are eligible for an annual discretionary award based on their overall individual results and behaviors performance at year-end (limited roles may also qualify for incentives during performance year).

Benefits

This role is eligible for all usual company benefits. At Bank of America, our employees are the foundation of our success. That’s why we’re committed to offering a variety of competitive programs and benefits that support your physical, emotional and financial wellness both at work and at home.