Lead Analyst

Job Description:

About us

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.  Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Global Business Services

Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations.

Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation.

In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services.

Process Overview

The Global Information Security (GIS) is responsible for protecting Bank information systems, confidential and proprietary data, and customer information. The team develops the Bank’s Information Security strategy and policy, manages the Information Security program and identifies and addresses vulnerabilities, Develops, deploys and manages a risk-based controls portfolio, Manages and operates global security operations center that monitors, detects and responds to cybersecurity incidents.

Job Description

The Threat Reduction Analyst develops and executes evidence-based operations to interdict or mitigate external digital threats. This includes, but not limited to, counter phishing, vishing, and smishing, reporting network attacks, and engaging fraud found on the Internet or social media. Threat Reduction Analysts build and maintain relationships with service providers to ensure timely investigations and stay with every issue until resolution. 

Responsibilities

• Receives, Investigates, Evaluates, and Actions Cyber Security issues.
• Provides personalized engagement support to impacted entities within the larger response effort.
• Prepares detailed case synopsis recording all operational activities.
• May also provide response services to GIS/Incident Management as needed.
• Provide coverage for AMRS Team member during APAC business hours.

Requirements

Education: B.E. / B. Tech/M.E. /M. Tech/B.Sc./M.Sc./BCA/MCA (prefer IT/CS specialization)

Certifications, If Any: CEH, Security+, CCNA or any equivalent

Experience Range: 8+ years

Foundational skills:

• A broad knowledge of computer networking, log analysis, information security principles, and adversarial tools and techniques. Tools such as Jira, Splunk, Instinct, and Toolkit.
• Strong analytical skills/ problem solving/ conceptual thinking.
• Able to identify, analyze and address problems to resolve issues with minimal negative impact and risk to the organization.
• Confident and capable written and oral presentation skills.
• Strong project management skills.
• Ability to work independently with little oversight managing multiple investigations simultaneously.
• Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
• Must have strong leadership skills and qualities which enable you to work with peers and various levels of management.

Desired skills:

• Familiarity with Laws, Rules, and Regulations (LRRs) attendant Financial Institutions Information Security requirements including Privacy LRRs e.g., GDPR, NYDFS, SEC Guidelines, MAS Requirements, CCPA, etc.
• Familiarity with NIST CSF, NIST IR Lifecycle, and NIST NICE.
• Familiarity with MITRE ATT&CK and Cyber Kill Chain.
• Experience in the remediation of Information Security risks/vulnerabilities
  Experience with network monitoring and intrusion detection systems
  Ability to work with Technical and Non-Technical persons
  Persistent and Logical investigator

Work Timings: 7:30 to 20:30 (weekdays) + Weekends

Job Location: Gurugram