If you're looking for a career change or you're in search of talent...

Explore New Job Opportunities Here

Malware Prevention Analyst, Global Information Security

Bank of America

Bank of America

Administration, IT
Sydney, NSW, Australia · United States · Remote
Posted on Thursday, June 13, 2024

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Your background

  • Strong direct experience of analyzing malware

  • Must have a solid understanding of dynamic/static analysis of malware

  • Background in network traffic analysis related to malware

  • Experience in encryption/obfuscation and how to reverse engineer (desirable)

  • GCIH, GREM, GCFA, CISSP or CCSP desirable

  • At least 3+ years of direct experience analyzing malware (or show equivalent competency)

  • Able to work independently on tasks

  • Able to work well within a team environment

  • Can create innovative ways to track progression of malware families, infrastructure and campaigns conducted by various threat actors

  • Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP etc.

  • Ability to create scripts and other forms of automation

  • Excellent communication skills, able to adapt a message to various audiences

  • Knowledge/experience of at least one major cloud services provider (AWS, GCP, Azure) technologies

What you can expect

The Global Information Security (GIS) team is responsible for protecting bank information systems, confidential and proprietary data, and customer information. The Cyber Threat Defense (CTD) team aims to protect the bank by having an end-to-end view and influence over all security controls at the Bank. The CTD Malware Defense team specifically aims to reduce risk across the Bank of America by using leveraging multiple methods of malicious code detection and containment activities for the security, safeguarding, continuity and confidentiality of information at Bank of America. The Malware Defense Analyst role undertakes incident response activities with a primary focus on malware analysis.

CTD Malware Defense team operates 24x7 on follow-the-sun model having teams based in APAC, EMEA and AMRS. This role may require working on public holidays and weekends as part of 24x7 coverage.

What you will do

  • Analyze various malware alerts and corresponding events

  • Respond to actions by threat actors and disrupt their attempted actions

  • Perform static and dynamic forensic analysis of malware

  • Perform disk based and memory-based analysis of systems

  • Execute and improve relevant risk management strategies

  • Perform real-time analysis and trending of security log data from various security devices and systems.

  • Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.

  • Respond to user incident reports and evaluates the type and severity of security events.

  • Execute initial triage of incidents to rule out false positives.

  • Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.

  • Interpret and apply security policies and procedures.

  • Establish escalation processes for security incidents and develops contingency plans and disaster recovery procedures.