Description

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Job Description:

The Cyber Security Operation (CSO) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSO team drives out the enterprise-wide cyber exercise program. The Global Information Security - Cyber Security Operation team is a true global operations shop with leading edge tools, processes, and people. This role will be responsible for analyzing and escalating internet monitoring security events within a defined business SLA. The role requires someone who will be proactive in furthering the control's maturity. The candidate should possess a high degree of intellectual curiosity and have a strong desire to find and mitigate risks

***Candidate must be willing to enroll in Associate Investment Monitoring due to the nature of the role and access.***

What you will do

• Daily analysis of internet monitoring alerts accurately within the defined business SLA Identify and escalate risk according to standard operation procedures
• Willingness to actively participate in team discussions and knowledge-sharing
• By analyzing events/metrics and escalation data, identify patterns and trends on high-risk controls and proactively suggest, develop, and implement enhancements to reduce risk.
• Self-starter with an ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
• Basic understanding of networking systems, security vulnerabilities, exploits and attacks
• Strong communications both written and verbal with the ability to present control topics to a broad audience.

Your background

• 2-5 years of experience in information security and/or related technology field
• You have an innovative mindset. Not afraid to ask why and question established practices, always looking to own and improve quality via automation and tooling.
• You have strong analytical skills required to identify threats, vulnerabilities, and exploitations.
• You are broadly skilled who can pick up new technologies and concepts and apply them to your day-to-day work. You should understand the industry leading Data Loss Prevention tools and technologies.
• You are a good team player and willing to actively participate in team discussions and knowledge-sharing.
• You can demonstrate a problem-solving mindset with intellectual curiosity, critical thinking, and proactive solutions.

Required Qualifications

• Experience: 2+ years of experience in information security or a related technology field.
• Strong understanding of different security domains and industry leading DLP technologies.
• Experience spotting threats, vulnerabilities, and exploitation methods.
• Solid grasp of networking, system security, vulnerabilities, exploits, and common attack vectors.
• Intellectual curiosity, critical thinking, and a drive for proactive solutions.
• Strong written and verbal skills; able to present technical topics to audiences of all levels.
• Comfortable navigating a geographically diverse, complex global corporation while collaborating effectively.

Desired Qualifications

• Certifications -Security+, Network+, CEH, CISSP, CySA+, CISA, CCNA, CCNP
• Familiarity with Splunk
• Familiarity with McAfee ePolicy Orchestrator (ePO) - Incident Manager
• Familiarity with Confluence / SharePoint
• Familiarity with JIRA

Skills:

• Cyber Security
• Data Privacy and Protection
• Problem Solving
• Process Management
• Threat Analysis
• Business Acumen
• Data and Trend Analysis
• Interpret Relevant Laws, Rules, and Regulations
• Risk Analytics
• Stakeholder Management
• Access and Identity Management
• Data Governance
• Encryption
• Information Systems Management
• Technology System Assessment

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:
1st shift (United States of America)

Hours Per Week:
40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926)

Pay and benefits information

Pay range

$95,700.00 - $144,900.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.