Bank of America
Cyber Crime Specialist (Data Analytics exp required)
Bank of America, Charlotte, North Carolina, United States, 28245
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Position Summary:
Our Cybercrime Disruption & Response team within Bank of America’s Cyber Crime Defense function works to continuously strengthen the bank’s cybercrime posture through research, use of threat intelligence, and extensive use of data analysis. This team works with partners throughout the bank to discover threats and develop mitigations that help detect and prevent cybercrime and fraud from taking advantage of our customers or infrastructure. The Cybercrime Identification Specialist is responsible for analyzing and correlating large data sets to uncover threats and attack techniques under the mentorship of more senior members of the Cybercrime Disruption & Response team. A Cybercrime Identification Specialist will be tasked with collaborating with data science, threat research, and fraud teams to identify opportunities to develop analytical methods to detect advanced threat actors who utilize emerging tactics and techniques.
Responsibilities:
Maintain an operational understanding of social engineering techniques and tradecraft, including familiarity with the latest attack trends
Manage operational risks related to ongoing social engineering disruption and response actions and implement mitigation steps
Review collected technical data to identify potential indicators of threat activity, and evaluate threats for response options
Assess third-party communications and motivations, identify social engineering tradecraft and guide response activities
Prepare in-depth threat activity reports detailing social engineering activities, identified indicators, victim identification, and other relevant essential elements of information (EEIs)
Apply active defense models to Deny, Degrade, Disrupt, and Deter (4D) threat actors’ efforts
Ensure the latest approved social engineering tradecraft is being employed correctly and legally
Identify novel social engineering tradecraft for inclusion in GIS threat reporting
Coordinate cyber-crime disruption efforts, integrating global teams and operations groups managing complex problem sets
Enable cross-functional stakeholders to identify gaps, develop solutions, and facilitate implementation
Establish trusted relationships with key cross-functional business partners including multiple product teams, regional offices, and support functions
Leverage knowledge of information security principles to mitigate financial crime and cyber-crime related activities
Lead collaboration with peers, industry associations, law enforcement, and other trusted groups
Build strategic partnerships across the company to reduce operational exposure to cyber-crime
Must be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
Prepare and present on social engineering threat activities relative to company customers and clients
Required Qualifications:
Experience with transactional data and data analytics
3+ years of experience in a technical role in the areas of Fraud detection, Threat hunting, Security Operations, Incident Response, Detection Engineering, DevSecOps, Security Engineering, and/or Cyber Threat Intelligence
Direct experience working with various data management systems that include but are not limited to: IBM DB2, SQL Server, Python, Azure Cosmos DB, Hadoop, Teradata, Oracle, MySQL (MariaDB), and MongoDB
Proficiency in the Python programming language including a solid understanding of object-oriented programming, data classes, test-driven development, performance testing, and continuous integration/development
Proficiency with various Python data analytics and visualization libraries, frameworks, and tools that include but are not limited to: Pandas, NumPy, scikit-learn, matplotlib, seaborn, d3, and JupyterHub
Experience explaining complex ideas, methods, processes, and workflows to peers and management
Ability to drive large projects while dealing with competing requirements, priorities, and needs from across the organization in order to drive results
Ability to navigate and work effectively across a complex, geographically dispersed organization
Basic statistical knowledge and reasoning
Experience with OSINT, kill chains, social engineering and general methods