Threat Management Analyst
- Permanent, Full time
- Bank Of America / Merrill Lynch
- 28 Jun 17
Threat Management Analyst
Overview of Company
Bank of America is one of the world's largest financial institutions, serving individual consumers, small- and middle-market businesses and large corporations with a full range of banking, investing, asset management and other financial and risk management products and services. Bank of America Merrill Lynch is the marketing name for its international businesses and is a long-established participant in Asia Pacific with a presence since 1947. With 23 offices in 12 geographies, covering nine currencies, more than a dozen languages and five time zones, the company offers an integrated and comprehensive set of products and services across Global Corporate & Investment Banking, Global Markets and Wealth Management, serving the needs of individual, corporate, institutional and government clients, combining the best of local knowledge and global expertise.
Bank of America Merrill Lynch is committed to attracting, recruiting and retaining top diverse talent from across the globe. Our diversity and inclusion mission is to actively promote an inclusive work environment where all employees have the opportunity to achieve personal success and contribute to the growth of our business. Each of our global Employee Networks bring together employees, create dialogue and awareness in support of our Diversity and Inclusion mission.
The Threat Management Analyst is responsible for conducting in-depth research, documentation, and intelligence analysis of key cyber threats to develop a comprehensive picture of the cyber threat landscape. This includes research via the use of various sources; development of historical, trend, and link analysis; and written and oral reporting to provide actionable intelligence. The analyst will also work to proactively research new threats and establish trends and patterns among existing attacks to help predict future risks.
- Working in a tactical/strategic role cultivating intelligence sources, analyzing information, creating intelligence, and hunting for exposures or related incidents.
- You will be involved in researching current and emerging threats, malware analysis, campaign assessment, data collection and analysis.
- Researching threat actors and cultivating and assessing new sources of threat information and intelligence.
- Collecting, assessing, and cataloging threat indicators and responsibility for adding context to threat indicators to convey urgency, severity, and credibility
- Risk management
- Maintaining knowledge of threat landscape by monitoring OSINT and related sources.
- Tracking cyber threat actors and their infrastructure with a view to disrupting their activity.
- Collaborating with appropriate business partners and lines of business to analyze threats.
- Escalating issues to management in a timely manner with appropriate information regarding risk and impact.
- Exercising independent judgment in methods, techniques and evaluation criteria for obtaining results.
- Participate in technical bridge lines to facilitate the identification, mitigation and containment of cyber-security incidents.
- Experience as an intelligence analyst, and/or malware analyst is necessary.
- Bachelor's degree or higher-level education is a strong plus.
- Technical or information security certifications are also strong plus.
- Excellent organizational and analytical skills.
- Ability to communicate (verbal and written) with executives and stakeholders in non-technical terms while accurately encompassing risk, impact, likelihood, containment and remediation activities, and threat actor techniques, tactics and procedures.
- Excellent written and verbal communication skills.
- Ability to juggle multiple work efforts in a fast-paced environment and to be able to quickly change direction as needed.
- Strong influencing skills.
- Ability to prioritise conflicting tasks.
- Proven experience with Information Security related activities.
- Experience in an operations focused information security role.
- Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents.
- Familiarity with security vulnerabilities, exploits, malware and digital forensics.
- Familiarity with network security vulnerabilities, exploits and attacks.
- Familiarity with most operating systems, particularly UNIX and Windows.
- Ability to work in a strong team-oriented environment with a sense of urgency and resilience whilst able to work independently.
- Ability to work effectively with technical and non-technical business owners.
Posting Date: 30/05/2017
Full / Part-time: Full time
Hours Per Week: 40