GIS Insider Threat Investigator

Job Description:

The Cyber Security Defense (CSD) function within Global Information Security enables the various businesses of Bank of America to conduct operations in a secure, trusted, and safe manner by defending the organization and our customers from cyberattacks.  Additionally, the team oversees all aspects of threat intelligence and monitoring, application and network security, access management operations and insider threats.  The People Defense organization within CSD investigates risks and protects against threats posed to the bank by insiders and works closely with peer teams across CSD and the enterprise to ensure comprehensive and proactive controls and monitoring are in place to detect and mitigate insider risks.   

The Tactical Insider Response Analyst will be responsible for conducting data analysis of insider threat auditing and monitoring software resources to detect and identify insider risk activities. In addition, you will be required to complete investigations by analyzing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest. The role will also require regular collaboration with experts in and out of the team, both in country and in other regions and as such will require excellent communication skills.

Candidates must be willing to be enrolled in AIM (Associate Investment Monitoring) program and operate under a Non-Disclosure Agreement. Role may require non-traditional work hours and on-call duties to support tactical response partners.

Responsibilities include, but are not limited to:

  • Analyze data and evaluate relevance to a specific incident under investigation
  • Document each stage of the investigation and maintain a focus on case logs and details
  • Present findings via written reports and orally to key stakeholders in clear and concise language
  • Effectively communicate investigative findings to non-technical audiences
  • Ability to interact with and lead discussions with senior Bank executives across different functions and lines of business
  • Ability to manage high risk regional information security incidents by working in conjunction with response partners and other risk teams
  • Ability to navigate and work effectively across a complex organization that is geographically dispersed
  • Maintain an awareness of industry challenges and advancements in order to add value to existing technologies and processes used within the team

Required Skills:

  • 5+ years work experience with an insider threat focus or technical background that could be applied to build methods to identify insider threat risk
  • Curiosity, diversity of thought, critical thinking, willingness to learn, and persistence to identify risk
  • Technical skills to allow a process to be followed methodically and systematically
  • Familiarity with Splunk, EnCase, and other similar investigative and monitoring tools
  • Exceptional written and oral communication skills and ability to interact effectively with technical and non-technical audiences including stakeholders and Senior Management
  • The ability to learn and discover how unfamiliar technology works
  • Excellent organizational skills to manage caseload, projects and ad hoc requests
  • Report writing skills
  • Project Management skills

Desired Skills:

  • An understanding of human behavior / human psychology or investigative background
  • Technical experience with information security / data loss prevention tools or controls such as Intrusion Detection & Prevention technologies (IDS/IPS) and/or SIEM systems and other data correlation engines.
  • Experience in conducting complex investigations with an Insider Threat emphasis
  • Foundational knowledge in computer forensics, incident response
  • Certifications - Security+, Network+, CEH, CISSP, CCNA, CCNP, EnCE, or other cyber security related certifications
  • Networking/System administration experience
  • Bachelor’s in computer science


Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0


Company
Bank of America
Posted
10/06/2021
Type
Full time
Salary Range
$44,000.00 - 60,000.00
per Year
Salary range estimated by
Location
Addison, TX 75001, US