girl looking into her desktop
Back to search results

Malware Prevention Reverse Engineer - Cyber Security Defense - B5

Denver, Colorado;

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program

The Malware Prevention Team’s aim is to reduce risk across Bank of America by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity and confidentiality of information of Bank of America. They are looking for an advanced-level analyst that has experience with threat actor tracking, malware analysis, and reverse engineering of malware.  They will be part of a Malware Prevention sub-team team that focuses on malware research and analysis.
 
Responsibilities include, but are not limited to:
•    In-depth analysis of malware, including authoring analysis reports.
•    Tracking malware campaigns, malicious actors, and related infrastructure.
•    Creation of tools and scripts to assist in the analysis of malware analysis.
•    Field escalations of potentially malicious files and websites from teams within Malware Prevention.
 
Required Skills:

  • Strong direct experience of analyzing malware
  • Intermediate to advanced malware analysis skills
  • Intermediate to advanced experience reverse engineering tools such as IDA Pro, x64dgb, OllyDbg, Immunity Debugger and/or Ghidra
  • Intermediate to advanced experience reverse engineering malware code written in C, C++, VisualBasic, Java, .NET, Delphi, JavaScript, and VBScript.
  • Solid background in C++ programming and Win32 API’s
  • Experience creating malware analysis tools and scripts for use in tasks such accelerating malware analysis, unpacking malware, and extracting data (ex – configuration extraction) 
  • Experience building and maintain scripts to emulate malware and parse c2 response traffic is a plus  
  • Experience in encryption/obfuscation and how to reverse it is desired
  • Can create innovative ways to track progression of malware families, infrastructure and campaigns conducted by ecrime, and cyber espionage actors
  • Experience with penetration testing and/or adversary emulation is a plus.
  • Background in network traffic analysis. 
  • Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, IRC etc
  • GCIH, GREM, GCFA or CISSP is desired, but not required
  • Able to work independently on tasks, but also work well within a team environment

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program

The Malware Prevention Team’s aim is to reduce risk across Bank of America by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity and confidentiality of information of Bank of America. They are looking for an advanced-level analyst that has experience with threat actor tracking, malware analysis, and reverse engineering of malware.  They will be part of a Malware Prevention sub-team team that focuses on malware research and analysis.
 
Responsibilities include, but are not limited to:
•    In-depth analysis of malware, including authoring analysis reports.
•    Tracking malware campaigns, malicious actors, and related infrastructure.
•    Creation of tools and scripts to assist in the analysis of malware analysis.
•    Field escalations of potentially malicious files and websites from teams within Malware Prevention.
 
Required Skills:

  • Strong direct experience of analyzing malware
  • Intermediate to advanced malware analysis skills
  • Intermediate to advanced experience reverse engineering tools such as IDA Pro, x64dgb, OllyDbg, Immunity Debugger and/or Ghidra
  • Intermediate to advanced experience reverse engineering malware code written in C, C++, VisualBasic, Java, .NET, Delphi, JavaScript, and VBScript.
  • Solid background in C++ programming and Win32 API’s
  • Experience creating malware analysis tools and scripts for use in tasks such accelerating malware analysis, unpacking malware, and extracting data (ex – configuration extraction) 
  • Experience building and maintain scripts to emulate malware and parse c2 response traffic is a plus  
  • Experience in encryption/obfuscation and how to reverse it is desired
  • Can create innovative ways to track progression of malware families, infrastructure and campaigns conducted by ecrime, and cyber espionage actors
  • Experience with penetration testing and/or adversary emulation is a plus.
  • Background in network traffic analysis. 
  • Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, IRC etc
  • GCIH, GREM, GCFA or CISSP is desired, but not required
  • Able to work independently on tasks, but also work well within a team environment

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21069277

Band: H5

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Adam Waller

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$82,400 - $127,800 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.