girl looking into her desktop
Back to search results

Vice President, Offensive Security Engineer (Vulnerability Researcher), Cyber Security Defense, Global Information Security

Singapore, , Singapore

Job Description:

Your background

  • Highly proficient with IDA, Ghirda, etc.
  • Must have a solid understanding of exploit development and related skills, including debugging, assembly, and exploit mitigations
  • Demonstrated proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Possess a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.
  • Certifications in OSCP, GPEN, CISSP are a plus

What you can expect

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities.  Leverages multiple methodologies including exploit development, reverse engineering, detection and mitigation analysis, and/or penetration testing across a wide variety of platforms and systems.  Creates reporting that outlines and documents test findings and their potential impacts in clear and concise language. Partners with various line of business teammates to educate on specific vulnerabilities associated with their business segments and recommend the appropriate remediation actions. 

What you will do

The successful candidate will demonstrate ability to consistently communicate vulnerability issues to a broad audience including both technical and non-technical colleagues. The successful candidate will build and sustain relationships with members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Job Band:

H4

Shift: 

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Your background

  • Highly proficient with IDA, Ghirda, etc.
  • Must have a solid understanding of exploit development and related skills, including debugging, assembly, and exploit mitigations
  • Demonstrated proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Possess a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.
  • Certifications in OSCP, GPEN, CISSP are a plus

What you can expect

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities.  Leverages multiple methodologies including exploit development, reverse engineering, detection and mitigation analysis, and/or penetration testing across a wide variety of platforms and systems.  Creates reporting that outlines and documents test findings and their potential impacts in clear and concise language. Partners with various line of business teammates to educate on specific vulnerabilities associated with their business segments and recommend the appropriate remediation actions. 

What you will do

The successful candidate will demonstrate ability to consistently communicate vulnerability issues to a broad audience including both technical and non-technical colleagues. The successful candidate will build and sustain relationships with members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Learn more about this role

Full time

JR-21071670

Band: H4

Manages People:

Manager:

Talent Acquisition Contact:

Wayne Tan

Referral Bonus:

0

Street Address

Primary Location:
2 HARBOURFRONT PLACE, #02-01, Singapore, 098499