girl looking into her desktop
Back to search results

Cyber Security Intrusion Analyst - Cyber Security Defense

Denver, Colorado;

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

The Cyber Security Intrusion Analyst will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team.

This role will be tasked with developing and implementing custom alerts and dashboard monitoring controls based on OSI layer 7 attack and threat indicators.  Additional responsibilities in this role include:

  • Provide leadership in assessing new threat vectors and designing and implementing effective controls
  • Leverage advanced investigative skills using best in class data correlation and network/packet analysis tools
  • Partner with senior leaders from lines of business organizations to triage security events, contain security breaches, make recommendations for changes to processes and controls, and provide updates to senior leadership throughout
  • Mentor and develop the skill sets of less experienced team members
  • Develop and implements processes or controls in support of audit and risk requirements
  • Collect evidence and craft responses for both internal audit requests and external regulatory agencies and craft guidelines for them
  • Act as a subject matter expert on security policies and help craft guidelines for them

  
Required Skills:

  • Strong Splunk skill set.  The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network based bank assets.
  • Strong Intrusion Analysis background.  Resource must be able to identify and interpret web and application logs from various systems.
  • Knowledgeable of current exploits.  Resource must be able to identify common exploits from the appropriate web and event logs.
  • Working knowledge of Linux, Windows, and mobile operating systems.
  • Comfortable with scripting languages and regular expressions.
  • Strong knowledge common network protocols.
  • Working knowledge of enterprise Client / Server architecture
  • On call and after hours work can be expected in support of larger security incidents. 
  • The analyst will use threat intelligence to update existing controls or build new controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team.

Desired Skills:

  • Experience doing packet captures and interpreting them (wireshark for example)
  • Understanding of stateful firewalls and able to interpret firewall rules and logs
  • Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs
  • Full understanding of modern web site deployments and technology
  • Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion
  • Use tools to detect anomalous/malicious data transmissions on the network
  • Use advanced analytics / security tools to detect malware on the network

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

The Cyber Security Intrusion Analyst will function as a member of an enterprise network application layer intrusion, detection, prevention, and response team.

This role will be tasked with developing and implementing custom alerts and dashboard monitoring controls based on OSI layer 7 attack and threat indicators.  Additional responsibilities in this role include:

  • Provide leadership in assessing new threat vectors and designing and implementing effective controls
  • Leverage advanced investigative skills using best in class data correlation and network/packet analysis tools
  • Partner with senior leaders from lines of business organizations to triage security events, contain security breaches, make recommendations for changes to processes and controls, and provide updates to senior leadership throughout
  • Mentor and develop the skill sets of less experienced team members
  • Develop and implements processes or controls in support of audit and risk requirements
  • Collect evidence and craft responses for both internal audit requests and external regulatory agencies and craft guidelines for them
  • Act as a subject matter expert on security policies and help craft guidelines for them

  
Required Skills:

  • Strong Splunk skill set.  The security analyst will leverage Splunk to analyze logs and other security events to find targeted attacks against network based bank assets.
  • Strong Intrusion Analysis background.  Resource must be able to identify and interpret web and application logs from various systems.
  • Knowledgeable of current exploits.  Resource must be able to identify common exploits from the appropriate web and event logs.
  • Working knowledge of Linux, Windows, and mobile operating systems.
  • Comfortable with scripting languages and regular expressions.
  • Strong knowledge common network protocols.
  • Working knowledge of enterprise Client / Server architecture
  • On call and after hours work can be expected in support of larger security incidents. 
  • The analyst will use threat intelligence to update existing controls or build new controls to detect new threats against the bank. Will be expected to have solid technical skills to operate independently and to support others within the security team.

Desired Skills:

  • Experience doing packet captures and interpreting them (wireshark for example)
  • Understanding of stateful firewalls and able to interpret firewall rules and logs
  • Able to interpret SQL, Apache web logs, IIS, Active Directory and other security logs
  • Full understanding of modern web site deployments and technology
  • Familiarity with web application attacks including SQL injection, cross-site scripting, and remote file inclusion
  • Use tools to detect anomalous/malicious data transmissions on the network
  • Use advanced analytics / security tools to detect malware on the network

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-22043560

Band: H5

Manages People: No

Travel: No

Manager:

Talent Acquisition Contact:

Adam Waller

Referral Bonus:

0

Colorado pay and benefits information

Colorado pay range:

$86,700 - $129,900 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.