Listing Description
The Cyber Event Response Team’s mission is to reduce risk across Bank of America by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity and confidentiality of information at Bank of America.
The malware analyst will be responsible for analyzing various malware samples, understanding remediation efforts, tracking espionage actors and their infrastructure, and reporting on those findings to our customers.
Successful candidates must be able to work independently on their given tasks, work well in a team environment, and come up with innovative ways to track progression of malware families, infrastructure, and campaigns conducted by espionage actors.
· 3+ years of direct experience in incident response surrounding malware-related events (or must show equivalent competency)
· Investigate computer systems to identify malware infections or evidence of malware-related activity
· Must have solid understanding of Microsoft Windows malware
· Must have a solid understanding of dynamic/static analysis of malware
· Background or experience in static analysis a plus
· Must be able to think outside the box and develop solutions to accomplish difficult tasks
· Ability to create scripts to automate certain tasks a plus
· Solid background in network traffic analysis
· Experience in encryption / obfuscation and how to reverse it a plus
· Proficient knowledge of networking protocols: TCP/IP, HTTP/HTTPS, FTP, IRC, RPC, DNS, etc.
· Excellent written and verbal communication skills
· Must be able to document findings, create reports and document processes to improve workflow.
· Expertise using Splunk to query and search log sources to hunt for malicious activity
Desired Skills
· Offensive skills, including pentesting and simulating threat actor tactics; these skills will be used to help improve controls.
· Bachelor's degree in Information Technology or related field.
Enterprise Role Overview
· Key individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security & technology systems (software & hardware).
· Utilizes in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the Bank's assets.
· Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. client server, distributed, mainframe, etc.).
· Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criteria for obtaining results.
· Work leadership may be provided by assigning work and resolving problems.
Listing Details
- Citizenship: No Requirements
- Incentives: Not Provided
- Education: No Requirements
- Travel: No Travel
- Telework: No Telecommute