Denver, Colorado

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Operations (CSO) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSO team drives out the enterprise-wide cyber exercise program.

The Senior Threat Evaluation Analyst synthesizes threat intelligence and technical knowledge of/expertise in bank processes and controls from multiple sources (to include process & control owners, assessments, tests, dashboards, the SPI) in order to appropriately characterize the bank's processes & controls in light of a specific threat and identify/document associated opportunities for enhancement. This role will directly assist in the identification, design and delivery of improvements to defense capabilities based on threat intelligence, risk processes, threat evaluations and incidents / issues throughout the Bank. The role exists within an environment that is extremely fast-paced and requires superior organizational and time-management skills but is also open, collaborative and possesses a global presence. Job responsibilities include:
  • Applying technical expertise/experience in reviewing Threat Intake submissions to ensure full comprehension and obtain the clarification and/or additional information required for the proper and timely execution of the threat evaluation function
  • Working with Cyber Threat Defense Operations teammates, GIS control owners, subject matter experts and other partners to understand the bank's current defensive posture against specific threats and identify opportunities for improvement
  • Reviewing existing process and control information as it relates to the threat from cyber assessments
  • Producing written documentation (e.g. a completed Threat Evaluation form) of in-scope controls for a given threat. This includes summarizing control evaluation takeaways as it relates to the threat for consumption by other GIS partners Presenting findings to senior leaders and peers across and external to GIS on the threat scenario; as required, representing the Threat Evaluation function as proxy for team lead
  • Ensuring the Threat Evaluation function maintains an accurate, up-to-date and accessible report on the status of its work while meeting all OLAs/timelines
  • Ensuring the Threat Evaluation function effectively captures and warehouses all relevant control information for re-use and application in broader GIS/CSD efforts
  • Assisting with the development/maturation of the Threat Evaluation function, to include the establishment/development of relationships with key partners and the development of technology solutions
  • Demonstrating exceptional organizational and cross-functional communication skills to integrate information/data/analysis from across the Enterprise

Desired Skills and Experience
  • Direct experience with cybersecurity/GIS processes and controls, particularly technical/CSD processes and controls, is required (e.g., (Process or Control Owner; significant Technical Control team expertise)
  • Direct experience with or strong familiarity with cybersecurity assessments and testing is highly desired
  • Working knowledge of the MITRE ATT&CK Framework is highly desired
  • Single Process Inventory (SPI & Process Owner Portal) Framework is desired
  • Information security frameworks such as NIST CSF (cybersecurity framework), FFIEC CAT is desired
  • Risk Analysis, risk models, risk quantification, risk score development is desired

The application of existing and developed technical knowledge of and experience with information security controls, infrastructure, problem management, risk identification and remediation is key to this role. An ability to operate independently and consistently exercise sound judgment is required, as are facilitation, writing and presentation skills. The candidate must possess an understanding of the cyber threat and controls landscape. The role requires extraordinary data analysis and communication and superior organizational abilities (documentation, attention to detail) together with a passion for working in a dynamic, fast-paced environment. This is a developing function within the Cyber Security Operations unit and as such offers an outstanding opportunity for the right candidate to demonstrate and further develop their skills.

Job Band:
H4

Shift:
1st shift (United States of America)

Hours Per Week:
40

Weekly Schedule:

Referral Bonus Amount:
0
--> Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Operations (CSO) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSO team drives out the enterprise-wide cyber exercise program.

The Senior Threat Evaluation Analyst synthesizes threat intelligence and technical knowledge of/expertise in bank processes and controls from multiple sources (to include process & control owners, assessments, tests, dashboards, the SPI) in order to appropriately characterize the bank's processes & controls in light of a specific threat and identify/document associated opportunities for enhancement. This role will directly assist in the identification, design and delivery of improvements to defense capabilities based on threat intelligence, risk processes, threat evaluations and incidents / issues throughout the Bank. The role exists within an environment that is extremely fast-paced and requires superior organizational and time-management skills but is also open, collaborative and possesses a global presence. Job responsibilities include:
  • Applying technical expertise/experience in reviewing Threat Intake submissions to ensure full comprehension and obtain the clarification and/or additional information required for the proper and timely execution of the threat evaluation function
  • Working with Cyber Threat Defense Operations teammates, GIS control owners, subject matter experts and other partners to understand the bank's current defensive posture against specific threats and identify opportunities for improvement
  • Reviewing existing process and control information as it relates to the threat from cyber assessments
  • Producing written documentation (e.g. a completed Threat Evaluation form) of in-scope controls for a given threat. This includes summarizing control evaluation takeaways as it relates to the threat for consumption by other GIS partners Presenting findings to senior leaders and peers across and external to GIS on the threat scenario; as required, representing the Threat Evaluation function as proxy for team lead
  • Ensuring the Threat Evaluation function maintains an accurate, up-to-date and accessible report on the status of its work while meeting all OLAs/timelines
  • Ensuring the Threat Evaluation function effectively captures and warehouses all relevant control information for re-use and application in broader GIS/CSD efforts
  • Assisting with the development/maturation of the Threat Evaluation function, to include the establishment/development of relationships with key partners and the development of technology solutions
  • Demonstrating exceptional organizational and cross-functional communication skills to integrate information/data/analysis from across the Enterprise

Desired Skills and Experience
  • Direct experience with cybersecurity/GIS processes and controls, particularly technical/CSD processes and controls, is required (e.g., (Process or Control Owner; significant Technical Control team expertise)
  • Direct experience with or strong familiarity with cybersecurity assessments and testing is highly desired
  • Working knowledge of the MITRE ATT&CK Framework is highly desired
  • Single Process Inventory (SPI & Process Owner Portal) Framework is desired
  • Information security frameworks such as NIST CSF (cybersecurity framework), FFIEC CAT is desired
  • Risk Analysis, risk models, risk quantification, risk score development is desired

The application of existing and developed technical knowledge of and experience with information security controls, infrastructure, problem management, risk identification and remediation is key to this role. An ability to operate independently and consistently exercise sound judgment is required, as are facilitation, writing and presentation skills. The candidate must possess an understanding of the cyber threat and controls landscape. The role requires extraordinary data analysis and communication and superior organizational abilities (documentation, attention to detail) together with a passion for working in a dynamic, fast-paced environment. This is a developing function within the Cyber Security Operations unit and as such offers an outstanding opportunity for the right candidate to demonstrate and further develop their skills.

Job Band:
H4

Shift:
1st shift (United States of America)

Hours Per Week:
40

Weekly Schedule:

Referral Bonus Amount:
0
Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Operations (CSO) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSO team drives out the enterprise-wide cyber exercise program.

The Senior Threat Evaluation Analyst synthesizes threat intelligence and technical knowledge of/expertise in bank processes and controls from multiple sources (to include process & control owners, assessments, tests, dashboards, the SPI) in order to appropriately characterize the bank's processes & controls in light of a specific threat and identify/document associated opportunities for enhancement. This role will directly assist in the identification, design and delivery of improvements to defense capabilities based on threat intelligence, risk processes, threat evaluations and incidents / issues throughout the Bank. The role exists within an environment that is extremely fast-paced and requires superior organizational and time-management skills but is also open, collaborative and possesses a global presence. Job responsibilities include:
  • Applying technical expertise/experience in reviewing Threat Intake submissions to ensure full comprehension and obtain the clarification and/or additional information required for the proper and timely execution of the threat evaluation function
  • Working with Cyber Threat Defense Operations teammates, GIS control owners, subject matter experts and other partners to understand the bank's current defensive posture against specific threats and identify opportunities for improvement
  • Reviewing existing process and control information as it relates to the threat from cyber assessments
  • Producing written documentation (e.g. a completed Threat Evaluation form) of in-scope controls for a given threat. This includes summarizing control evaluation takeaways as it relates to the threat for consumption by other GIS partners Presenting findings to senior leaders and peers across and external to GIS on the threat scenario; as required, representing the Threat Evaluation function as proxy for team lead
  • Ensuring the Threat Evaluation function maintains an accurate, up-to-date and accessible report on the status of its work while meeting all OLAs/timelines
  • Ensuring the Threat Evaluation function effectively captures and warehouses all relevant control information for re-use and application in broader GIS/CSD efforts
  • Assisting with the development/maturation of the Threat Evaluation function, to include the establishment/development of relationships with key partners and the development of technology solutions
  • Demonstrating exceptional organizational and cross-functional communication skills to integrate information/data/analysis from across the Enterprise

Desired Skills and Experience
  • Direct experience with cybersecurity/GIS processes and controls, particularly technical/CSD processes and controls, is required (e.g., (Process or Control Owner; significant Technical Control team expertise)
  • Direct experience with or strong familiarity with cybersecurity assessments and testing is highly desired
  • Working knowledge of the MITRE ATT&CK Framework is highly desired
  • Single Process Inventory (SPI & Process Owner Portal) Framework is desired
  • Information security frameworks such as NIST CSF (cybersecurity framework), FFIEC CAT is desired
  • Risk Analysis, risk models, risk quantification, risk score development is desired

The application of existing and developed technical knowledge of and experience with information security controls, infrastructure, problem management, risk identification and remediation is key to this role. An ability to operate independently and consistently exercise sound judgment is required, as are facilitation, writing and presentation skills. The candidate must possess an understanding of the cyber threat and controls landscape. The role requires extraordinary data analysis and communication and superior organizational abilities (documentation, attention to detail) together with a passion for working in a dynamic, fast-paced environment. This is a developing function within the Cyber Security Operations unit and as such offers an outstanding opportunity for the right candidate to demonstrate and further develop their skills.

Shift:
1st shift (United States of America)

Hours Per Week:
40
Learn more about this role

Denver, Colorado

You’ve led troops, now help lead your community 

As a leader in the military, you motivated troops to get the job done. We value your ability to influence change and encourage you to continue that influence here and in our communities. Our Military Affairs Team proudly supports veterans in our communities through education and volunteer events. Together, we can create better communities and a brighter future for us all. 

First you fought for the American dream, now you can guide its future

You joined the military to protect a nation and its people. Let the same passion for making a difference lead you to a new career. At Bank of America, we’re proud that more than 6,800 veterans work for us. They’ve discovered that their desire to help others didn’t end with their service. Here, you’ll help our customers and clients connect to better financial lives.

Similar jobs