Cyber Security Operations Data in Motion - Internet Monitoring Analyst (Data Loss Prevention), Global Information Security
Bank of America
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Your background
- You have an innovative mindset. You are not afraid to ask why and question established practices, and you always look to own and improve quality via automation and tooling.
- You have strong analytical skills required to identify threats, vulnerabilities, and exploitations.
- You are broadly skilled and can pick up new technologies and concepts and apply them to your day-to-day work. You should understand the industry-leading Data Loss Prevention tools and technologies.
- You are a good team player and willing to actively participate in team discussions and knowledge-sharing.
- You can demonstrate a problem-solving mindset with intellectual curiosity, critical thinking, and proactive solutions.
- You are willing to work weekends (Saturday and Sunday) on a rotational shift basis.
- You are willing to be enrolled into the bank’s Associate Investment Monitoring Program.
What you can expect
The Cyber Security Operation (CSO) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSO team drives out the enterprise-wide cyber exercise program. The Global Information Security - Cyber Security Operation team is a true global operations shop with leading-edge tools, processes, and people. This role will be responsible for analyzing and escalating internet monitoring security events within a defined business SLA. The role requires someone who will be proactive in furthering the control’s maturity. The candidate should possess a high degree of intellectual curiosity and have a strong desire to find and mitigate risks.
Candidate must be willing to enroll in Associate Investment Monitoring due to the nature of the role and access.
What you will do
- Analyze Internet monitoring alerts daily and accurately within the defined business SLA. Identify and escalate risk according to standard operating procedures.
- Willingness to actively participate in team discussions and knowledge-sharing
- Analyze events/metrics and escalation data, identify patterns and trends on high-risk controls and proactively suggest, develop, and implement enhancements to reduce risk.
- Self-starter with an ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
- Basic understanding of networking systems, security vulnerabilities, exploits and attacks.
- Strong communication skills, both written and verbal, with the ability to present control topics to a broad audience.
- Willing to work weekends on a rotational shift basis.
- Perform real-time analysis and trending of security log data from various security devices and systems.
- Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.
- Respond to user incident reports and evaluate the type and severity of security events.
- Execute initial triage of incidents to rule out false positives.
- Identify recurring security issues and risks, develop mitigation plans, and recommend process improvements.
- Interpret and apply security policies and procedures.
- Establish escalation processes for security incidents and develop contingency plans and disaster recovery procedures.