girl looking into her desktop
Back to search results

Assistant Vice President / Vice President, Digital Forensics Analyst, Global Information Security

Singapore, , Singapore;

Job Description:

Your background

Bank of America is seeking to expand and diversify their Digital Forensics and Incident Response (DFIR) capability with motivated and adaptable individuals from a range of different backgrounds and experience.

This role is open to individuals with either of the following backgrounds:

  • Digital Forensics and Incident Response (DFIR) experience from 3 years to 10 years; or alternatively
  • Microsoft Azure Cloud Engineers with at least 2 years of implementation experience, with the passion to learn and move into the Digital Forensics discipline (the appropriate training and guidance will be provided)

Candidates with Digital Forensics and Incident Response (DFIR) experience will possess either of the following backgrounds:

  • Candidates with experience ranging from 3 years to 7  years of experience
    • Identify, analyse and present evidential data from workstation orientated systems, including but not limited to systems installed with Microsoft Windows; and
    • Such candidates will have experience in investigating specific facets or workstreams of various incident scenarios/investigations as part of a broader DFIR/investigative team; and
    • This particular type of candidate will have amassed some form of generalist or broad knowledge in computing and networking, together with at least a generalist understanding of information security technologies, techniques and processes. The candidate may also have led or started to lead a limited amount of incident scenarios/investigations from commencement to cessation, though not a requirement.

  • Candidates with experience ranging from 8 years to 10 years of experience
    • Identify, analyse and present evidential data from a wide range of enterprise systems for a wide range of incident or investigative scenarios; and
    • Such candidates will have experience in investigating and leading various incident scenarios/investigations as part of a broader DFIR/investigative team from commencement to cessation; and
    • This particular type of candidate will be able to draw upon their well versed knowledge in computing and networking, together with information security technologies, techniques and processes. The candidate may also have initiated or driven initiatives to transform, evolve or upgrade incident scenarios/investigations processes and/or technologies.

Candidates who are Microsoft Azure Engineers and have implementation experience will possess the following background:

  • Excellent knowledge of Microsoft Azure infrastructure nuances and inner workings. More specifically, the candidate should possess knowledge and experience in respect of design, implementation and troubleshooting; and
  • Such candidates will have experience in respect of the above as part of a broader team, as well as communicating with clients on their use-case requirements; and
  • This particular type of candidate will have also amassed some form of generalist or broad knowledge in computing and networking through systems administration experience, together with at least a generalist understanding of information security technologies.

For all candidates with Digital Forensics and Incident Response experience, please refer to the following in terms of skills and qualifications:

  • One of the below qualifications or certifications are an essential requirement:
    • Bachelor’s, Masters or Doctorate Degree in a Computer Science, Computer Engineering, Information Security or Cyber/Digital Forensics related discipline; or
    • Digital Forensics and Incident Response Certification (i.e. EnCE or related SANS certification, such as GCFA).

  • One or more of the following qualifications or certifications are highly advantageous, though not essential:
    • A Cloud related qualification or certification, such as Certified Cloud Security Professional (CCSP), or related to Microsoft Azure and Amazon Web Services (AWS); or
    • Linux Qualification or Certification, e.g Red Hat Certified System Administrator (RHSA).

  • One or more of the following skills or experience are also advantageous and would be particularly exciting, though not essential:
    • Programming and scripting skills or experience, such as:
      • Programming skills and experience, such as Java, C++, Python; or
      • Batch or shell scripting experience within Windows or Linux environments; or
    • Experience in one of the following Digital Forensics and Incident Response (DFIR) backgrounds:
      • Cloud and/or containerisation technologies (i.e. Docker and Kubernetes) within an enterprise environment; or
      • Linux/Unix systems with particular focus on RedHat or other enterprise scale distributions (distros). This experience should also include excellent knowledge of operating system nuances, file systems and inner workings.

For candidates with Microsoft Azure Engineering experience, please refer to the following in terms of skills and qualifications:

  • One of the below qualifications or certifications are an essential requirement:
    • Bachelor’s, Masters or Doctorate Degree in Computer Science or Computer Engineering; or
    • Microsoft Azure Cloud Engineer certification from Microsoft, or related certification.

  • One or more of the following qualifications or certifications are highly advantageous, though not essential:
    • Bachelor’s, Masters or Doctorate Degree, or certification in an Information Security or Cyber/Digital Forensics related discipline. (e.g. EnCE , CISSP or related SANS certification, such as GCFA); or
    • Amazon Web Services (AWS) Engineer certification from Amazon, or related certification;

  • One or more of the following skills or experience are also advantageous and would be particularly exciting, though not essential:
    • Programming and scripting skills or experience, such as:
      • Programming skills and experience, such as Java, C++, Python; or
      • Batch or shell scripting experience within Windows or Linux environments; or
    • Experience in one of the following backgrounds:
      • Cloud and/or containerisation technologies (i.e. Docker and Kubernetes) within an enterprise environment; or
      • Linux/Unix systems with particular focus on RedHat or other enterprise scale distributions (distros). This experience should also include excellent knowledge of operating system nuances, file systems and inner workings.

What you can expect

The Cyber Security Defense (CSD) team’s aim is to protect the bank and has an end to end view and influence over all security controls at the Bank. Digital Forensics (DF), which is part of CSD, is a reactive team that responds to events or incidents in order to identify and mitigate risk to the Bank. Digital Forensics purview encompasses a wide breadth of incidents, which includes but are not limited to third party breaches, determining data exfiltration and anything else in-between. The Digital Forensics team are well trained and comprise of individuals with a number of different backgrounds, which range from law enforcement, consulting and from within industry. The Digital Forensics team has a vested interest in taking members of the team to the next level. Regardless of levels of experience, training and certification opportunities are commonplace and actively encouraged, as well as the empowerment to invest time in learning new and upcoming technologies that improve on the way that we respond to incidents.

What you will do

Not one day is the same for Cyber Security Defense (CSD) team and this is especially true for Digital Forensics (DF). Anyone working within the Digital Forensics team can expecting the following:

  • Utilising your extensive Digital Forensics and Incident Response experience to conduct and manage your individual caseload across the entire incident response or investigative lifecycle from start to finish;
  • Discovering unfamiliar technology or data during the midst of an incident or investigation and assessing its relevance to the issues at hand, i.e. stored information, auditing capability, evidential value etc;
  • Leveraging upon your ability to communicate, both written and verbal, in a clear, concise and inclusive manner to technical and non-technical audiences with colleagues, peers and stakeholders at all levels;
  • Embracing new and upcoming technologies and assessing how they could apply and improve on the way in which the team responds to incidents;
  • Working alongside a global team with colleagues in the USA and Europe, whilst placing emphasis on collaboration and sharing of ideas and methodologies;
  • Undertaking and sharing the responsibilities of working an on-call schedule so that the bank is well placed to respond to incidents or investigations when required.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Job Band:

H5

Shift: 

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Your background

Bank of America is seeking to expand and diversify their Digital Forensics and Incident Response (DFIR) capability with motivated and adaptable individuals from a range of different backgrounds and experience.

This role is open to individuals with either of the following backgrounds:

  • Digital Forensics and Incident Response (DFIR) experience from 3 years to 10 years; or alternatively
  • Microsoft Azure Cloud Engineers with at least 2 years of implementation experience, with the passion to learn and move into the Digital Forensics discipline (the appropriate training and guidance will be provided)

Candidates with Digital Forensics and Incident Response (DFIR) experience will possess either of the following backgrounds:

  • Candidates with experience ranging from 3 years to 7  years of experience
    • Identify, analyse and present evidential data from workstation orientated systems, including but not limited to systems installed with Microsoft Windows; and
    • Such candidates will have experience in investigating specific facets or workstreams of various incident scenarios/investigations as part of a broader DFIR/investigative team; and
    • This particular type of candidate will have amassed some form of generalist or broad knowledge in computing and networking, together with at least a generalist understanding of information security technologies, techniques and processes. The candidate may also have led or started to lead a limited amount of incident scenarios/investigations from commencement to cessation, though not a requirement.

  • Candidates with experience ranging from 8 years to 10 years of experience
    • Identify, analyse and present evidential data from a wide range of enterprise systems for a wide range of incident or investigative scenarios; and
    • Such candidates will have experience in investigating and leading various incident scenarios/investigations as part of a broader DFIR/investigative team from commencement to cessation; and
    • This particular type of candidate will be able to draw upon their well versed knowledge in computing and networking, together with information security technologies, techniques and processes. The candidate may also have initiated or driven initiatives to transform, evolve or upgrade incident scenarios/investigations processes and/or technologies.

Candidates who are Microsoft Azure Engineers and have implementation experience will possess the following background:

  • Excellent knowledge of Microsoft Azure infrastructure nuances and inner workings. More specifically, the candidate should possess knowledge and experience in respect of design, implementation and troubleshooting; and
  • Such candidates will have experience in respect of the above as part of a broader team, as well as communicating with clients on their use-case requirements; and
  • This particular type of candidate will have also amassed some form of generalist or broad knowledge in computing and networking through systems administration experience, together with at least a generalist understanding of information security technologies.

For all candidates with Digital Forensics and Incident Response experience, please refer to the following in terms of skills and qualifications:

  • One of the below qualifications or certifications are an essential requirement:
    • Bachelor’s, Masters or Doctorate Degree in a Computer Science, Computer Engineering, Information Security or Cyber/Digital Forensics related discipline; or
    • Digital Forensics and Incident Response Certification (i.e. EnCE or related SANS certification, such as GCFA).

  • One or more of the following qualifications or certifications are highly advantageous, though not essential:
    • A Cloud related qualification or certification, such as Certified Cloud Security Professional (CCSP), or related to Microsoft Azure and Amazon Web Services (AWS); or
    • Linux Qualification or Certification, e.g Red Hat Certified System Administrator (RHSA).

  • One or more of the following skills or experience are also advantageous and would be particularly exciting, though not essential:
    • Programming and scripting skills or experience, such as:
      • Programming skills and experience, such as Java, C++, Python; or
      • Batch or shell scripting experience within Windows or Linux environments; or
    • Experience in one of the following Digital Forensics and Incident Response (DFIR) backgrounds:
      • Cloud and/or containerisation technologies (i.e. Docker and Kubernetes) within an enterprise environment; or
      • Linux/Unix systems with particular focus on RedHat or other enterprise scale distributions (distros). This experience should also include excellent knowledge of operating system nuances, file systems and inner workings.

For candidates with Microsoft Azure Engineering experience, please refer to the following in terms of skills and qualifications:

  • One of the below qualifications or certifications are an essential requirement:
    • Bachelor’s, Masters or Doctorate Degree in Computer Science or Computer Engineering; or
    • Microsoft Azure Cloud Engineer certification from Microsoft, or related certification.

  • One or more of the following qualifications or certifications are highly advantageous, though not essential:
    • Bachelor’s, Masters or Doctorate Degree, or certification in an Information Security or Cyber/Digital Forensics related discipline. (e.g. EnCE , CISSP or related SANS certification, such as GCFA); or
    • Amazon Web Services (AWS) Engineer certification from Amazon, or related certification;

  • One or more of the following skills or experience are also advantageous and would be particularly exciting, though not essential:
    • Programming and scripting skills or experience, such as:
      • Programming skills and experience, such as Java, C++, Python; or
      • Batch or shell scripting experience within Windows or Linux environments; or
    • Experience in one of the following backgrounds:
      • Cloud and/or containerisation technologies (i.e. Docker and Kubernetes) within an enterprise environment; or
      • Linux/Unix systems with particular focus on RedHat or other enterprise scale distributions (distros). This experience should also include excellent knowledge of operating system nuances, file systems and inner workings.

What you can expect

The Cyber Security Defense (CSD) team’s aim is to protect the bank and has an end to end view and influence over all security controls at the Bank. Digital Forensics (DF), which is part of CSD, is a reactive team that responds to events or incidents in order to identify and mitigate risk to the Bank. Digital Forensics purview encompasses a wide breadth of incidents, which includes but are not limited to third party breaches, determining data exfiltration and anything else in-between. The Digital Forensics team are well trained and comprise of individuals with a number of different backgrounds, which range from law enforcement, consulting and from within industry. The Digital Forensics team has a vested interest in taking members of the team to the next level. Regardless of levels of experience, training and certification opportunities are commonplace and actively encouraged, as well as the empowerment to invest time in learning new and upcoming technologies that improve on the way that we respond to incidents.

What you will do

Not one day is the same for Cyber Security Defense (CSD) team and this is especially true for Digital Forensics (DF). Anyone working within the Digital Forensics team can expecting the following:

  • Utilising your extensive Digital Forensics and Incident Response experience to conduct and manage your individual caseload across the entire incident response or investigative lifecycle from start to finish;
  • Discovering unfamiliar technology or data during the midst of an incident or investigation and assessing its relevance to the issues at hand, i.e. stored information, auditing capability, evidential value etc;
  • Leveraging upon your ability to communicate, both written and verbal, in a clear, concise and inclusive manner to technical and non-technical audiences with colleagues, peers and stakeholders at all levels;
  • Embracing new and upcoming technologies and assessing how they could apply and improve on the way in which the team responds to incidents;
  • Working alongside a global team with colleagues in the USA and Europe, whilst placing emphasis on collaboration and sharing of ideas and methodologies;
  • Undertaking and sharing the responsibilities of working an on-call schedule so that the bank is well placed to respond to incidents or investigations when required.

About Bank of America

Our purpose as a firm is to make financial lives better, through the power of every connection. Across the world, we partner with leading corporate and institutional investors through our offices in more than 35 countries. In the U.S. alone, we serve almost all of the Fortune 500 companies and approximately 67 million consumer and small-business clients. We provide a full suite of financial products and services, from banking and investments to asset and risk management. We cover a broad range of asset classes, making us a global leader in corporate and investment banking, sales and trading.

Connecting Asia Pacific to the world

Our Asia Pacific team is spread across 19 cities in 12 markets. We are focused on connecting Asia to the world and the world to Asia, using our global expertise to ensure success is shared between us, our clients and our communities. Our regional footprint covers 12 currencies, more than a dozen languages and five time zones, placing us firmly among the region’s leading financial services companies.

Learn more about this role

Full time

JR-22052056

Band: H5

Manages People:

Manager:

Talent Acquisition Contact:

Wayne Tan

Referral Bonus:

0