Full-time
Insider Threat Information Security Engineer - Bank of America - Addison, TX

Job Description:
Scope:
The Financial Services Sector represents a vital component of our nation's critical infrastructure. Large-scale power outages, recent natural disasters, and an increase in the number and sophistication of cyber-attacks demonstrate the wide range of potential risks facing the sector. Bank of America, due to its brand and size, presents itself as a significant target for cyber-attacks from both external and internal threat actors.

Job Description
Bank of America’s Cyber Security Operations team is looking to recruit an Insider Threat Response - Behavior Analytics Engr. The role is to work on complex projects that deliver world-class Insider Threat controls in support of behavior analytics strategy. You will be working with Global Information Security (GIS) management to help define the behavior analytics strategy and roadmaps for technology products, service standards, operational processes and governance routines that impact the global corporation. You will be required to conduct behavioral assessments and in-depth investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest. Candidates must be aggressively curious, have the ability to rationalize human cyber activity as it relates to threat, and can translate investigative findings to actionable risk mitigation tasks.

Responsibilities:
Researching, designing, engineering, implementing, and operating the next generation behavior analytics information security technologies and processes to address security issues holistically
Utilizing in-depth technical knowledge, behavior analytics focused methodologies and business requirements to design and implement secure solutions to protect the Bank's assets
Exercising judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results
Ability to apply reasoning and problem solving skills while utilizing next generation tools and technology to conduct deep behavioral analytics assessments/ investigations with a focus on mitigating information security related insider threats
Complete written reports in compliance with current reporting procedures and policies. Must have the ability to write detailed, concise, and accurate reports
May require on-call duties (evenings / weekends) to support tactical response partners

Required Skills & Experience:
Aggressive curiosity, diversity of thought, critical thinking and persistence to identify risk

Strong oral and written communications skills and ability to interact effectively with technical and non-technical audiences, as well as present in front of small and large groups

Deep experience with Insider Threat as a focus area within Information Security

An excellent understanding of human behavior/ human psychology

Robust investigative and interview abilities

Experience and hands on knowledge with Data Loss Prevention security controls

Knowledge of privacy, intellectual property, technology, and legal issues

Ability to recognize and deal appropriately with confidential and sensitive information

Working knowledge of common network protocols, information security practices and security vulnerabilities

Ability to navigate and work effectively across a complex organization that is geographically dispersed

Ability to build consensus and cooperation as well as the ability to influence, interact and negotiate with senior leadership in the organization

Demonstrate a proven ability to self-direct project outcomes, with minimal supervision, to achieve program goals

Desired Skills & Experience:
Certifications- CeH, CFE, CFCE, CISSP, GCIH, SANS, GIAC

Experience conducting investigative interviews

Networking/System administration experience

Experience with Intrusion Detection & Prevention technologies (IDS/IPS)

Experience with SIEM systems and other data correlation engines

Enterprise Role Overview:
As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.

Shift: 1st shift (United States of America)

Hours Per Week: 40

Apply for this job  or Save to My Jobs

Around the Network