This job board retrieves part of its jobs from: Toronto Jobs | Emplois Montréal | IT Jobs Canada

Liberty and Prosperity for all - new job offers every day

To post a job, login or create an account |  Post a Job

Defensive Research – ATM Senior Security Engineer

Bank of America

This is a Contract position in Washington, NJ posted September 23, 2021.

Job Description: Are you passionate about working with the best information security team in the world?

Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat.

In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Defensive Research – ATM Senior Security Engineer: As an experienced professional, provide advice to client management with regard to moderately complex security issues.

Assists in the review, development, testing and implementation of security plans, products and control techniques.

Coordinates the reporting for data security incidents.

Provides technical support to the client, management and staff in risk assessments and in the implementation of appropriate data security procedures and products.

Monitors changes to the threat landscape that could affect information security policy, standards and procedures.

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols.

Administers security policies to control access to systems and maintains the company firewall.

Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors.

Exercises good judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.

Work leadership may be provided by assigning work and resolving problems.

Successful candidates for this role typically have 5-7 years of IT experience.

Required skills: Strong understanding of Windows Operating System Internals Solid knowledge of voice and data networks, major operating systems, active directory, and their associated peripherals Must have a solid understanding of Windows security logging and endpoint detection and response utilities Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.

Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.

Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds Ability to effectively code in a scripting language i.e.

Python, Perl, etc.

Desired skills: Proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.

Background in Red Teaming and/or Penetration testing Previous experience working in the financial services industry Certifications in OSCP, GPEN, CISSP are a plus Enterprise Role Overview: Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems.

Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols.

Maintains or reviews security systems and assesses security policies that control access to systems.

Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information.

Follows standard practices and procedures in analyzing situations or data.

Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band: H4 Shift: 1st shift (United States of America) Hours Per Week: 40 Weekly Schedule: Referral Bonus Amount: 0 > Job Description: Are you passionate about working with the best information security team in the world?

Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat.

In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Defensive Research – ATM Senior Security Engineer: As an experienced professional, provide advice to client management with regard to moderately complex security issues.

Assists in the review, development, testing and implementation of security plans, products and control techniques.

Coordinates the reporting for data security incidents.

Provides technical support to the client, management and staff in risk assessments and in the implementation of appropriate data security procedures and products.

Monitors changes to the threat landscape that could affect information security policy, standards and procedures.

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols.

Administers security policies to control access to systems and maintains the company firewall.

Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors.

Exercises good judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.

Work leadership may be provided by assigning work and resolving problems.

Successful candidates for this role typically have 5-7 years of IT experience.

Required skills: Strong understanding of Windows Operating System Internals Solid knowledge of voice and data networks, major operating systems, active directory, and their associated peripherals Must have a solid understanding of Windows security logging and endpoint detection and response utilities Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.

Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.

Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds Ability to effectively code in a scripting language i.e.

Python, Perl, etc.

Desired skills: Proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.

Background in Red Teaming and/or Penetration testing Previous experience working in the financial services industry Certifications in OSCP, GPEN, CISSP are a plus Enterprise Role Overview: Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems.

Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols.

Maintains or reviews security systems and assesses security policies that control access to systems.

Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information.

Follows standard practices and procedures in analyzing situations or data.

Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band: H4 Shift: 1st shift (United States of America) Hours Per Week: 40 Weekly Schedule: Referral Bonus Amount: 0 Job Description: Are you passionate about working with the best information security team in the world?

Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat.

In addition, the CSD team drives out the enterprise-wide cyber exercise program.

Defensive Research – ATM Senior Security Engineer: As an experienced professional, provide advice to client management with regard to moderately complex security issues.

Assists in the review, development, testing and implementation of security plans, products and control techniques.

Coordinates the reporting for data security incidents.

Provides technical support to the client, management and staff in risk assessments and in the implementation of appropriate data security procedures and products.

Monitors changes to the threat landscape that could affect information security policy, standards and procedures.

Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs.

Researches attempted efforts to compromise security protocols.

Administers security policies to control access to systems and maintains the company firewall.

Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors.

Exercises good judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.

Work leadership may be provided by assigning work and resolving problems.

Successful candidates for this role typically have 5-7 years of IT experience.

Required skills: Strong understanding of Windows Operating System Internals Solid knowledge of voice and data networks, major operating systems, active directory, and their associated peripherals Must have a solid understanding of Windows security logging and endpoint detection and response utilities Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.

Ability to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.

Works well independently and as part of a team comprised of individuals with a variety of skills and backgrounds Ability to effectively code in a scripting language i.e.

Python, Perl, etc.

Desired skills: Proficiency with Metasploit, Burp Suite, Cobalt Strike, etc.

Background in Red Teaming and/or Penetration testing Previous experience working in the financial services industry Certifications in OSCP, GPEN, CISSP are a plus Enterprise Role Overview: Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems.

Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols.

Maintains or reviews security systems and assesses security policies that control access to systems.

Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information.

Follows standard practices and procedures in analyzing situations or data.

Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift: 1st shift (United States of America) Hours Per Week: 40