Cyber Threat Intelligence (CTI) Rapid Team Technical Analyst
Company: Bank of America
Location: Denver
Posted on: September 4, 2024
Job Description:
At Bank of America, we are guided by a common purpose to help make
financial lives better through the power of every connection.
Responsible Growth is how we run our company and how we deliver for
our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great
place to work for our teammates around the world. We're devoted to
being a diverse and inclusive workplace for everyone. We hire
individuals with a broad range of backgrounds and experiences and
invest heavily in our teammates and their families by offering
competitive benefits to support their physical, emotional, and
financial well-being.
Cyber Threat Hunt Intelligence & Defense (CTHID) works with
partners, both internal and external, to reduce risk to the firm
and to the financial sector at large. The Rapid team provides
timely situational awareness, conducts initial triage and analysis
of threats and translates indicators of threat into actionable
information to reduce impact to the bank. Stakeholders include
cyber-security response teams, internal lines of business, senior
leadership and external organizations such as law enforcement,
industry peers, key suppliers, customers and intelligence sharing
partners.
The Rapid Cyber Threat Intelligence (RCTI) Technical Analyst serves
as a liaison between CTI and Cyber Security Defense (CSD), Cyber
Security Assurance (CSA) and Cyber Security Technology (CST) teams,
triaging cyber threat intelligence-related collections,
communicating updates on breaking situations to Operations
Leadership and engaging control owners. Rapid Analysts prepare
intelligence updates and analysis on indicators and warnings and
serve as CTHID's focal point for situational awareness within the
Cyber Threat Operations Center (CTOC). Rapid CTI analysts work as
part of a follow-the-sun model to triage incoming raw and
pre-filtered information, data, social media, tips and vendor
alerts. Triage analysts collect, assess and prioritize threats, and
then communicate assessments in a manner that accurately conveys
urgency, severity, and credibility that support CSD controls and
inform senior and executive leadership.
Responsibilities:
--- Work in a tactical/technical role reviewing and cultivating
intelligence sources, analyzing information, creating intelligence,
and hunting for exposures or related incidents.
--- Participate with other triage analysts in a follow-the-sun
model to provide consistent support for Cyber Security Defense.
--- Contribute to daily internal stand-up calls and to
intelligence briefings for staff and CSD leadership.
--- Work within the virtual or physical CTOC communicating with
internal teams and minimizing response times for critical
events.
--- Operate as part of a team of triage analysts responsible for
collecting, assessing, and prioritizing threats, and then
communicating that assessment in a manner that accurately conveys
urgency, severity, and credibility.
--- Identify, escalate and debate recommended actions that
strengthen controls.
--- Operate within an established Escalation Matrix to determine
report priority and messaging to operations and senior executives
throughout Global Information Security and the lines of business
and escalate issues to control teams and management in a timely
manner with appropriate information regarding risk and impact.
--- Continually and consistently review triage processes to
identify reforms that could add to increased speed, efficiency and
accuracy in reporting.
--- Ensure immediate notifications are followed by in-depth
coordination and collaboration with control owners and appropriate
business partners and lines of business.
--- Exercise independent judgment in methods, techniques and
evaluation criteria for obtaining results.
--- Participate in technical bridge lines to facilitate the
identification, mitigation and containment of cyber-security
incidents.
REQUIRED SKILLS
--- Technical or information security certifications are a strong
plus.
--- Familiarity with Jira, Python, Java and SQL is a strong
plus.
--- Minimum 2 years' experience in information, cyber or physical
security.
--- Minimum 1 year working in a 24/5 or 24/7 operational
environment.
--- Experience with multiple social media platforms and tools to
monitor those platforms.
--- Experience working in a Security Operations, Incident
Management or Fusion Center operation.
--- Experience working with vendors and intel providers to manage
and enhance operations.
--- Demonstrated reading comprehension and the ability to summarize
accurately.
Desired Skills
--- Demonstrable technical proficiency (Information technology,
information, cyber or physical security, networking)
--- Bachelor's degree or higher-level education.
--- Excellent organizational and analytical skills.
--- Ability to communicate (verbal and written) with stakeholders
in non-technical terms.
--- Excellent written and verbal communication and demonstrated
presentation skills.
--- Ability to handle multiple work efforts in a fast-paced
environment and to be able to quickly change direction as
needed.
--- Ability to prioritize conflicting tasks.
--- Exposure to cyber threat intelligence related activities,
including Open Source Intelligence and social media monitoring.
--- Familiarity with cyber threat landscape, geopolitical issues
that could have cyber impacts, security vulnerabilities, exploits,
malware, digital forensics, network security vulnerabilities,
exploits and attacks.
--- Ability to work in a strong team-oriented environment with a
sense of urgency and resilience while being a self-starter and able
to work independently.
--- Ability to work effectively with technical and non-technical
business owners.
Job Band:
H5
Shift:
1st shift (United States of America)
Hours Per Week:
40
Weekly Schedule:
Referral Bonus Amount:
0