Denver, Colorado

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Offensive Security Engineer - Vulnerability Researcher
As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities. Leverages multiple methodologies including exploit development, reverse engineering, detection and mitigation analysis, and/or penetration testing across a wide variety of platforms and systems. Creates reporting that outlines and documents test findings and their potential impacts in clear and concise language. Partners with various line of business teammates to educate on specific vulnerabilities associated with their business segments and recommend the appropriate remediation actions.

Successful candidates will demonstrate the ability to consistently communicate vulnerability issues to a broad audience including both technical and non-technical colleagues. They will build and sustain relationships with members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. This role typically requires 7-10 years of IT experience, with at least 5 of those years focused on vulnerability testing.

Required Skills:
  • Highly proficient with IDA, Ghidra , etc.
  • Must have a solid understanding of exploit development and related skills, including debugging, assembly, and exploit mitigations
  • Demonstrated proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Possess a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.

Certifications in OSCP, GPEN, CISSP are a plus

Enterprise Role Overview:
Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:
H4

Shift:
1st shift (United States of America)

Hours Per Week:
40

Weekly Schedule:

Referral Bonus Amount:
0
--> Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Offensive Security Engineer - Vulnerability Researcher
As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities. Leverages multiple methodologies including exploit development, reverse engineering, detection and mitigation analysis, and/or penetration testing across a wide variety of platforms and systems. Creates reporting that outlines and documents test findings and their potential impacts in clear and concise language. Partners with various line of business teammates to educate on specific vulnerabilities associated with their business segments and recommend the appropriate remediation actions.

Successful candidates will demonstrate the ability to consistently communicate vulnerability issues to a broad audience including both technical and non-technical colleagues. They will build and sustain relationships with members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. This role typically requires 7-10 years of IT experience, with at least 5 of those years focused on vulnerability testing.

Required Skills:
  • Highly proficient with IDA, Ghidra , etc.
  • Must have a solid understanding of exploit development and related skills, including debugging, assembly, and exploit mitigations
  • Demonstrated proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Possess a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.

Certifications in OSCP, GPEN, CISSP are a plus

Enterprise Role Overview:
Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:
H4

Shift:
1st shift (United States of America)

Hours Per Week:
40

Weekly Schedule:

Referral Bonus Amount:
0
Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Offensive Security Engineer - Vulnerability Researcher
As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities. Leverages multiple methodologies including exploit development, reverse engineering, detection and mitigation analysis, and/or penetration testing across a wide variety of platforms and systems. Creates reporting that outlines and documents test findings and their potential impacts in clear and concise language. Partners with various line of business teammates to educate on specific vulnerabilities associated with their business segments and recommend the appropriate remediation actions.

Successful candidates will demonstrate the ability to consistently communicate vulnerability issues to a broad audience including both technical and non-technical colleagues. They will build and sustain relationships with members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. This role typically requires 7-10 years of IT experience, with at least 5 of those years focused on vulnerability testing.

Required Skills:
  • Highly proficient with IDA, Ghidra , etc.
  • Must have a solid understanding of exploit development and related skills, including debugging, assembly, and exploit mitigations
  • Demonstrated proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.
  • Possess a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
  • Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
  • Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds
  • Ability to effectively code in a scripting language i.e. Python, Perl, etc.

Certifications in OSCP, GPEN, CISSP are a plus

Enterprise Role Overview:
Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift:
1st shift (United States of America)

Hours Per Week:
40
Learn more about this role

Denver, Colorado

You’ve led troops, now help lead your community 

As a leader in the military, you motivated troops to get the job done. We value your ability to influence change and encourage you to continue that influence here and in our communities. Our Military Affairs Team proudly supports veterans in our communities through education and volunteer events. Together, we can create better communities and a brighter future for us all. 

First you fought for the American dream, now you can guide its future

You joined the military to protect a nation and its people. Let the same passion for making a difference lead you to a new career. At Bank of America, we’re proud that more than 6,800 veterans work for us. They’ve discovered that their desire to help others didn’t end with their service. Here, you’ll help our customers and clients connect to better financial lives.

Similar jobs