Vice President, Malware Analysis, Cyber Threat Defense

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.  Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

 Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

The GIS Team

The Global Information Security (GIS) team is responsible for protecting bank information systems, confidential and proprietary data, and customer information. Within GIS, The Cyber Threat Defense (CTD) team aims to protect the bank by having an end-to-end view and influence over all security controls at the Bank.

The CTD Malware Defense team reduces risk across the Bank by leveraging multiple methods of malicious code detection and containment activities for the security, safeguarding, business continuity, and confidentiality of information at Bank of America.

CTD Malware Defense team is truly global and operates 24x7 on follow-the-sun model having teams based in APAC, EMEA and AMRS.

The VP: Malware Analysis role undertakes incident response activities with a primary focus on Malware analysis.

What you will do

• Perform both static and dynamic analysis of Malware to extract IoCs and identify Malware family.
• Proactively respond to and disrupt actions by threat actors, mitigating potential threats.
• Conduct in-depth analysis of various Malware alerts and associated events.
• Reverse engineer the latest Malware and produce comprehensive deep-dive analysis reports. 
• Perform disk based and memory-based analysis of systems.
• Execute and improve relevant risk management strategies.
• Perform real-time analysis and trending of security log data from various security devices and systems.
• Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.
• Respond to user incident reports and evaluate the type and severity of security events.
• Execute initial triage of incidents to rule out false positives.
• Identify recurring security issues and risks and develop mitigation plans and recommend process improvements.
• Interpret and apply security policies and procedures.
• Establish escalation processes for security incidents and develop contingency plans and disaster recovery procedures.

Your background

• Direct experience of analyzing Malware within Banking, Critical Infrastructure, Big Tech, or Vendors
• Solid understanding of dynamic/static analysis of Malware.
• Background in network traffic analysis related to Malware.
• Experience in encryption/obfuscation and how to reverse engineer the same.
• Experience of creating innovative ways to track progression of Malware families, infrastructure and campaigns conducted by various threat actors.
• GCIH, GREM, GCFA, CISSP or CCSP desirable
• Knowledge of networking protocols:  TCP/IP, HTTP/HTTPs, FTP, etc.
• Ability to create scripts and other forms of automation.
• Excellent communication skills, able to adapt a message to various audiences.
• Knowledge/experience of at least one major cloud services provider (AWS, GCP, Azure) technologies