Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Job Description:
As a Senior Cyber Security Analyst, you will play a crucial role in the team’s daily operations involving threat monitoring and detection.
Responsibilities:
- Assists business leaders and technology teams by supporting initiatives requiring Global Information Security (GIS) engagement and facilitating problem resolution for cyber security related events
- Supports adherence to appropriate risk tolerance levels, operating in accordance with defined information security policies to protect against threats to data confidentiality, integrity, and availability
- Interprets the information security requirements outlined in polices, standards, and procedures and reinforces requirements through education and awareness
- Promotes awareness of current and emerging cybersecurity threats and advises on potential information security exposure
- Assesses and mitigates cyber security risks related to application, network, infrastructure, and public cloud
- Must be able to identify, analyze and address problems to resolve issues whenever possible in ways that minimize negative impact and risk to the organization
- Ability to work with Technical and Non-Technical business owners
- Additional Expectations of Role
- Responsible for providing AWS and Azure Cloud event monitoring, dispositioning of cases and escalation to designated control partners
- Autonomously provide expert guidance to junior analysts for all M&T workflows
- Escalation point of contact for solving technical and analytical events with greater complexity
- Participate in key leadership operating routines
- Operate as a leader and provide informal leadership through mentorship, and direction to junior analysts
- Will serve as proxy Leader on Duty (LOD) including on weekends where applicable
- Will be responsible for use of monitoring tools to proactively identify and research trends and escalate to M&T Leadership Team as needed for further analysis
- Support with identifying opportunities for additional monitoring, escalation and automation
- Performing QA for security events
- Support with the development of work instructions for troubleshooting and possible resolution of horizontal issues for M&T
- Support managers with onboarding and training of new analysts
- Ability to work independently on internal efficiencies projects and development with little oversight
Required Skills:
- Strong organization skills with the ability to prioritize requests and workload accordingly
- Must have strong leadership skills and qualities enabling collaboration with peers and various levels of management Ability to work independently on initiatives with little oversight
- Experience working in Security Operations, Production Support or incident management environment
- Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
- Motivated self-starter and willing to learn
- Broad awareness of information security operations and/or enterprise information technology (Enterprise data management, application development, network management)
Desired Skills:
- Bachelor’s degree in information technology or related field
- Leadership competency in geographically diverse matrixed environment.
- Relevant Cyber Security Certificate
- Worked in SOC environment before
- Familiarity with Cyber Security and Information Technology.
- Strong problem-solving and critical thinking skills.
- Effective communication and interpersonal skills.
- Basic knowledge in Cloud Security/Monitoring is a bonus.
- Business Intelligence
- Information Systems Management
- Data Governance
- Threat Detection and Analysis
- Fraud Detection
- Security Event and Incident Response/Mgmt.
- Threat Intelligence
- Compliance and Risk Management
- Controls Management
- Data and Trend Analysis
- Architecture
- Quality Assurance
- Project Management
- Scripting and Automation
- Executive Presence
- Vendor Management
- SIEM/SOAR Platform
- Proficient with O365 tools (i.e. Word, Excel, PowerPoint)
- IT/Cyber Certs (i.e. ISC2, GIAC, CSA, A+, Security+, Network+)
- Cloud Certification (i.e. CCSK, CCSP, AWS, Azure)