Lead Analyst

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Global Business Services

Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation.

In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services

Process Overview

The Cyber Threat Defense team has a global footprint and operates 24x7 leveraging follow-the-sun model. This is a global role and candidate is expected to closely collaborate with other Cyber Defense teams based in different parts of the world on day-to-day basis.

Job Description

The role is in the Cyber Threat Defense (CTD) team of the bank. Key responsibilities of the role include detecting and responding to cyber-attacks against bank's applications as per established processes and procedures to ensure security, integrity, and confidentiality of the information, contribute to enhancing detection and preventive controls, and continually improve incident response capabilities.

Responsibilities

• Prevent, Detect, and respond to cyber-attacks against bank's applications by leveraging advanced tools, processes & procedures, and your technical experience & skills.

• Perform analysis to determine timelines, TTPs used by Threat Actors and impact of the incidents and report them to Cyber Incident Management team as per the process.

• Briefs management and control SMEs on above analysis and collaborate to drive proactive control enhancements.

• Create and update detection rules to detect emerging threats by leveraging logs from various systems and applications.

• Create and update threat prevention and detection rules on Web Application to detect and block malicious activities.

• Collaborate with vendors and internal teams to fix any bugs, control issues or control upgrades.

• Apply a proactive understanding of cyber security threats to prevent incidents, enhance controls, and drive enterprise change

Requirements

Education - BE/B.Tech/MCA

Experience Range - 8+ Years

Foundational skills

• Hands-on experience of 8+ years of preventing, detecting, and responding to application layer attacks in a large enterprise environment.

• Strong understanding of common exploits, web application attacks (OWAS top 10 security risk and beyond), network protocols and infrastructure/application logs (eg weblogs, AD logs, security logs) for an efficient intrusion analysis

• Advanced log analysis skills leveraging tools such as Splunk or other SIEM solutions and scripting/regular expressions to find targeted attacks and hunting exercises.

• Good verbal and written communication skills for effective collaboration and incident reporting in a global environment

• Broader understanding Cyber threat environment, common TTPs used by Threat Actors and Defensive controls to defend against such threats

Desired skills

• Hands-on experience of managing rules on IPS/IDS on leading vendors is desirable

• Hands-on experience of creating and updating Web Application Firewall rules is strongly desirable.

Work Timings - 6:30 AM - 10:30 PM

Job Location - Hyderabad, Chennai, Mumbai