girl looking into her desktop
Back to search results

Identity Defense Senior Specialist - Cyber Security Defense - B4

Denver, Colorado;

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

The Identity Defense team, which is part of CSD, aims to mitigate incidents through monitoring of network account usage, authentication activities and authentication behaviors. The team is responsible to reduce the risk associated with misuse or illicit use of accounts which grant access to Bank of America's internal workforce network. Within this team there is a function to design proactive and detective defenses intended to reduce risk of a potential account compromise, the Identity Defense Senior Specialist. 

The Identity Defense Senior Specialist will be responsible for understanding the Bank's workforce authentication ecosystem. The incumbent will leverage cyber threat intelligence, threat models and other sources of intelligence to identify potential threats to the bank's current, and future state, authentication ecosystem, inclusive of Cloud environments. In this role you will work with peer and partner teams to develop threat reduction opportunities including, but not limited to, new monitoring, technology changes, policy updates, training and awareness campaigns. A successful candidate will lead or work independently on complex projects and influence strategic direction. Responsibilities include, but are not limited to:

  • Creating partnerships and routines across GIS and technology support teams to remain current on environmental changes impacting network accounts
  • Developing repeatable means to intake intelligence and evaluate potential threats specific to defense of identity
  • Basic data analytics to measure impacts or probabilities to support socialization of changes or threats
  • Providing subject matter expertise to peers and during incident response activities
  • Collaborating with peers and business units in a team-focused environment
  • Removing barriers to deliver results
  • Researching, measuring, detecting and mitigating security attacks 
  • Exercising judgment within broadly defined practices in selecting methods, techniques and evaluation criterion for obtaining results  

Required Skills:

  • 5-7 + years of experience with Information Security related activities

  • Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents

  • Ability to analyze data and evaluate relevance to a specific incident under investigation

  • Familiarity with security vulnerabilities exploits and hacker techniques.

  • Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle

  • Familiarity with Splunk

  • Knowledgeable of current authentication based exploits in traditional and cloud environments, for both human and non human accounts

  • Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language

  • Networking or Security Experience

  • Experience detecting Insider Threats and placing controls within an organization to protect against digital identity threats

  • A strong working knowledge of security threat vectors, networking, network security and application security

  • Advanced problem solving skills

  • Able to adapt communication style to the audience

  • Demonstrates the capability of working in a team environment and collaborating with oversea partners

  • Ability to work independently

  • Strong leadership skills and qualities which enable you to work with peers and various levels of management

  • CISSP, CISSM, CompTIA Security/A/N +, CCNA is desired, but not required

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

The Identity Defense team, which is part of CSD, aims to mitigate incidents through monitoring of network account usage, authentication activities and authentication behaviors. The team is responsible to reduce the risk associated with misuse or illicit use of accounts which grant access to Bank of America's internal workforce network. Within this team there is a function to design proactive and detective defenses intended to reduce risk of a potential account compromise, the Identity Defense Senior Specialist. 

The Identity Defense Senior Specialist will be responsible for understanding the Bank's workforce authentication ecosystem. The incumbent will leverage cyber threat intelligence, threat models and other sources of intelligence to identify potential threats to the bank's current, and future state, authentication ecosystem, inclusive of Cloud environments. In this role you will work with peer and partner teams to develop threat reduction opportunities including, but not limited to, new monitoring, technology changes, policy updates, training and awareness campaigns. A successful candidate will lead or work independently on complex projects and influence strategic direction. Responsibilities include, but are not limited to:

  • Creating partnerships and routines across GIS and technology support teams to remain current on environmental changes impacting network accounts
  • Developing repeatable means to intake intelligence and evaluate potential threats specific to defense of identity
  • Basic data analytics to measure impacts or probabilities to support socialization of changes or threats
  • Providing subject matter expertise to peers and during incident response activities
  • Collaborating with peers and business units in a team-focused environment
  • Removing barriers to deliver results
  • Researching, measuring, detecting and mitigating security attacks 
  • Exercising judgment within broadly defined practices in selecting methods, techniques and evaluation criterion for obtaining results  

Required Skills:

  • 5-7 + years of experience with Information Security related activities

  • Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents

  • Ability to analyze data and evaluate relevance to a specific incident under investigation

  • Familiarity with security vulnerabilities exploits and hacker techniques.

  • Familiarity identity management standards, social engineering TTPs, and the incident response lifecycle

  • Familiarity with Splunk

  • Knowledgeable of current authentication based exploits in traditional and cloud environments, for both human and non human accounts

  • Proven experience presenting findings via written reports and orally to key stakeholders in clear and concise language

  • Networking or Security Experience

  • Experience detecting Insider Threats and placing controls within an organization to protect against digital identity threats

  • A strong working knowledge of security threat vectors, networking, network security and application security

  • Advanced problem solving skills

  • Able to adapt communication style to the audience

  • Demonstrates the capability of working in a team environment and collaborating with oversea partners

  • Ability to work independently

  • Strong leadership skills and qualities which enable you to work with peers and various levels of management

  • CISSP, CISSM, CompTIA Security/A/N +, CCNA is desired, but not required

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21075061

Band: H4

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Adam Waller

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$135,000 - $175,500 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.