Malware Prevention Analyst, Global Information Security
Sydney
Bank of America
What would you like the power to do? For you and your family, your business and your community. At Bank of America, our purpose is to help make financial lives better through the power of every connection.Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Your background
Strong direct experience of analyzing malware
Must have a solid understanding of dynamic/static analysis of malware
Background in network traffic analysis related to malware
Experience in encryption/obfuscation and how to reverse engineer (desirable)
GCIH, GREM, GCFA, CISSP or CCSP desirable
At least 3+ years of direct experience analyzing malware (or show equivalent competency)
Able to work independently on tasks
Able to work well within a team environment
Can create innovative ways to track progression of malware families, infrastructure and campaigns conducted by various threat actors
Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, IRC etc.
Ability to create scripts and other forms of automation
Excellent communication skills, able to adapt a message to various audiences
Knowledge/experience of at least one major cloud services provider (AWS, GCP, Azure) technologies
What you can expect
The Global Information Security (GIS) team is responsible for protecting bank information systems, confidential and proprietary data, and customer information. The Cyber Threat Defense (CTD) team aims to protect the bank by having an end-to-end view and influence over all security controls at the Bank. The CTD Malware Defense team specifically aims to reduce risk across the Bank of America by using leveraging multiple methods of malicious code detection and containment activities for the security, safeguarding, continuity and confidentiality of information at Bank of America. The Malware Defense Analyst role undertakes incident response activities with a primary focus on malware analysis.
CTD Malware Defense team operates 24x7 on follow-the-sun model having teams based in APAC, EMEA and AMRS. This role may require working on public holidays and weekends as part of 24x7 coverage.
What you will do
Analyze various malware alerts and corresponding events
Respond to actions by threat actors and disrupt their attempted actions
Perform static and dynamic forensic analysis of malware
Perform disk based and memory-based analysis of systems
Execute and improve relevant risk management strategies
Perform real-time analysis and trending of security log data from various security devices and systems.
Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.
Respond to user incident reports and evaluates the type and severity of security events.
Execute initial triage of incidents to rule out false positives.
Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.
Interpret and apply security policies and procedures.
Establish escalation processes for security incidents and develops contingency plans and disaster recovery procedures.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation AWS Azure CCSP CISSP Cloud Encryption GCFA GCIH GCP GREM Incident response Malware Monitoring Risk management TCP/IP
Perks/benefits: Career development Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Cybersecurity Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open PowerShell-related jobs