What are the responsibilities and job description for the Cyber Security Analyst position at Bank Of America?
Job Description
Job Description:
As part of the Bank's Global Information Security (GIS) organization, the Cyber Security Operations (CSO) team's aim is to protect the bank and execute end-to-end responsibility for key operational cyber security controls. The Control Health Monitoring (CHM) team takes a proactive approach to monitoring the performance and health for the full suite of CSO cyber controls to improve detection, prevention, and response capabilities, aggressively address threats and risks, and proactively analyze control health to identify opportunities for improvement.
Role Summary: As a member of the global CHM team, the Info Security Threat Management Specialist will be responsible for production of control health reports and analysis of control health themes and risks that span all the CSO security teams covered by the CHM program. Working with the Senior Info Security Threat Management Specialist and other regional team members, the Analyst will be expected to engage routinely with CSO control teams and other GIS partners to identify control health issues and provide processes and control health reporting. In particular, this role is expected to be a CHM ambassador and drive control team engagements aimed at ensuring the teams are able to identify and implement robust monitoring and fully leverage the capabilities of the CHM dashboard.
Key Responsibilities:
- Primarily engage CSO control teams in one-on-one and group settings to work operational issues related to configuration and teams' use of the CHM dashboard.
- Key participant in the effort to the define and implement an overarching framework for control health monitoring that includes people, process, and technology.
- Responsible to produce control health reporting for CSO and GIS senior leadership as needed.
- Conduct analysis of current and historical control health data that spans all CSO security teams and other key GIS partners.
- Contributor to the identification of control operational gaps and suggested improvements to both processes and technologies to augment current state.
- Support the definition and implementation to a set of operational dashboard views to support CSO-wide dashboard.
Professional Competencies:
- Proven expertise with complex initiatives and the development of new capabilities to improve cyber security operations.
- Experience in cyber security operations in multiple domains, e.g., data loss prevention, malware.
- Competent at adapting to changing business needs, applying critical thinking, communicating effectively, focusing on stakeholders, demonstrating initiative, and influencing others.
- Strong communication and presentation skills (both orally and in writing), with the ability to effectively interact, partner and influence leaders and employees at all levels of the organization.
- Demonstrated history of process design, continuous process improvement and process optimization and organization and resource management.
- Strong analytical viewpoint towards balancing risk management with operational imperatives in a fast-moving environment.
- Strong attention to detail.
- Ability to work in a global team environment as well as independently.
- Bias towards collaboration and expanding relationships across the organization.
Technical Expertise:
- Demonstrated knowledge of cyber security incident lifecycle, threat landscape, cyber-attack kill-chain / MITRE ATT&CK, security vulnerabilities, exploits, malware, digital forensics, network security vulnerabilities, exploits and attacks.
- Firm understanding of operational resilience concepts and frameworks.
- Knowledge of information systems define, design, build and deploy processes.
- Familiarity with traditional IT functions and deployment processes (servers, firewalls, networks, datacenters).
Other Required Skills:
- College degree, or specialized training or equivalent work experience.
- Typically requires 3-5 plus years of related work experience.
- Relevant certifications are a plus, e.g., Security , Network , CISSP
Shift:
1st shift (United States of America)
Hours Per Week:
40
Learn more about this role
As part of the Bank's Global Information Security (GIS) organization, the Cyber Security Operations (CSO) team's aim is to protect the bank and execute end-to-end responsibility for key operational cyber security controls. The Control Health Monitoring (CHM) team takes a proactive approach to monitoring the performance and health for the full suite of CSO cyber controls to improve detection, prevention, and response capabilities, aggressively address threats and risks, and proactively analyze control health to identify opportunities for improvement.
Role Summary: As a member of the global CHM team, the Info Security Threat Management Specialist will be responsible for production of control health reports and analysis of control health themes and risks that span all the CSO security teams covered by the CHM program. Working with the Senior Info Security Threat Management Specialist and other regional team members, the Analyst will be expected to engage routinely with CSO control teams and other GIS partners to identify control health issues and provide processes and control health reporting. In particular, this role is expected to be a CHM ambassador and drive control team engagements aimed at ensuring the teams are able to identify and implement robust monitoring and fully leverage the capabilities of the CHM dashboard.
Key Responsibilities:
- Primarily engage CSO control teams in one-on-one and group settings to work operational issues related to configuration and teams' use of the CHM dashboard.
- Key participant in the effort to the define and implement an overarching framework for control health monitoring that includes people, process, and technology.
- Responsible to produce control health reporting for CSO and GIS senior leadership as needed.
- Conduct analysis of current and historical control health data that spans all CSO security teams and other key GIS partners.
- Contributor to the identification of control operational gaps and suggested improvements to both processes and technologies to augment current state.
- Support the definition and implementation to a set of operational dashboard views to support CSO-wide dashboard.
Professional Competencies:
- Proven expertise with complex initiatives and the development of new capabilities to improve cyber security operations.
- Experience in cyber security operations in multiple domains, e.g., data loss prevention, malware.
- Competent at adapting to changing business needs, applying critical thinking, communicating effectively, focusing on stakeholders, demonstrating initiative, and influencing others.
- Strong communication and presentation skills (both orally and in writing), with the ability to effectively interact, partner and influence leaders and employees at all levels of the organization.
- Demonstrated history of process design, continuous process improvement and process optimization and organization and resource management.
- Strong analytical viewpoint towards balancing risk management with operational imperatives in a fast-moving environment.
- Strong attention to detail.
- Ability to work in a global team environment as well as independently.
- Bias towards collaboration and expanding relationships across the organization.
Technical Expertise:
- Demonstrated knowledge of cyber security incident lifecycle, threat landscape, cyber-attack kill-chain / MITRE ATT&CK, security vulnerabilities, exploits, malware, digital forensics, network security vulnerabilities, exploits and attacks.
- Firm understanding of operational resilience concepts and frameworks.
- Knowledge of information systems define, design, build and deploy processes.
- Familiarity with traditional IT functions and deployment processes (servers, firewalls, networks, datacenters).
Other Required Skills:
- College degree, or specialized training or equivalent work experience.
- Typically requires 3-5 plus years of related work experience.
- Relevant certifications are a plus, e.g., Security , Network , CISSP
Shift:
1st shift (United States of America)
Hours Per Week:
40
Learn more about this role
Analyst, Cyber Defense (Security Operations)
McDonald's Corporation -
Chicago, IL
Senior Analyst Cyber Security Operations
World of Hyatt -
Chicago, IL
Cyber Analyst
F2Onsite -
Geneva, IL
