Role Description:

Responsibilities include, but are not limited to:

• Analyse data and evaluate relevance to a specific incident under investigation
• Document each stage of the investigation and maintain a focus on case logs and details
  Present findings via written reports and orally to key stakeholders in clear and concise language
• Effectively communicates investigative findings to non-technical audiences
• Ability to interact with and lead discussions with senior Bank executives across different functions and lines of business
• Ability to manage high risk regional information security incidents by working in conjunction with response partners and other risk teams
• Ability to navigate and work effectively across a complex organization that is geographically dispersed

Maintain an awareness of industry challenges and advancements in order to add value to existing technologies and processes used within the team

Candidates must be willing to be enrolled in AIM (Associate Investment Monitoring) program and operate under a Non-Disclosure Agreement. Role may require non-traditional work hours and on-call duties to support tactical response partners.

The Team:

The Cyber Security Defense (CSD) function within Global Information Security enables the various businesses of Bank of America to conduct operations in a secure, trusted, and safe manner by defending the organization and our customers from cyberattacks.  Additionally, the team oversees all aspects of threat intelligence and monitoring, application and network security, access management operations and insider threats. 

The Tactical Insider Response Analyst will be responsible for conducting data analysis of insider threat auditing and monitoring software resources to detect and identify insider risk activities. In addition, you will be required to complete investigations by analysing and verifying information through various investigative techniques, internal resources, and conversations/interviews with persons of interest. The role will also require regular collaboration with experts in and out of the team, both in country and in other regions and as such will require excellent communication skills.

Core Skills:

Required Skills:

• 5+ years work experience with an insider threat focus or technical background that could be applied to build methods to identify insider threat risk
• Curiosity, diversity of thought, critical thinking, willingness to learn, and persistence to identify risk
• Technical skills to allow a process to be followed methodically and systematically
• Familiarity with Splunk, ENCASE, and other similar investigative and monitoring tools
• Exceptional written and oral communication skills and ability to interact effectively with technical and non-technical audiences including stakeholders and Senior Management
• The ability to learn and discover how unfamiliar technology works
• Excellent organizational skills to manage caseload, projects and ad hoc requests
• Report writing skills
• Project Management skills

Desired Skills:

• An understanding of human behavior / human psychology or investigative background
• Technical experience with information security / data loss prevention tools or controls such as Intrusion Detection & Prevention technologies (IDS/IPS) and/or SIEM systems and other data correlation engines.
• Experience in conducting complex investigations with an Insider Threat emphasis
• Foundational knowledge in computer forensics, incident response
• Certifications - Security+, Network+, CEH, CISSP, CCNA, CCNP, EnCE other cyber security related certifications
• Networking/System administration experience
• Bachelor’s in computer science