Vice President (Manager - Specialist Info Security Engineer)

  • Competitive
  • Singapore
  • Permanent, Full time
  • Bank Of America / Merrill Lynch
  • 27 Sep 16

Vice President (Manager - Specialist Info Security Engineer)

Job Description:
Overview of Company
Bank of America is one of the world's largest financial institutions, serving individual consumers, small- and middle-market businesses and large corporations with a full range of banking, investing, asset management and other financial and risk management products and services. Bank of America Merrill Lynch is the marketing name for its international businesses and is a long-established participant in Asia Pacific with a presence since 1947. With 23 offices in 12 geographies, covering nine currencies, more than a dozen languages and five time zones, the company offers an integrated and comprehensive set of products and services across Global Corporate & Investment Banking, Global Markets and Wealth Management, serving the needs of individual, corporate, institutional and government clients, combining the best of local knowledge and global expertise.

Bank of America Merrill Lynch is committed to attracting, recruiting and retaining top diverse talent from across the globe. Our diversity and inclusion mission is to actively promote an inclusive work environment where all employees have the opportunity to achieve personal success and contribute to the growth of our business. Each of our global Employee Networks bring together employees, create dialogue and awareness in support of our Diversity and Inclusion mission.

Position Description
The Cyber Event Response and Network/Application Security Team's mission is to reduce risk across Bank of America by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity and confidentiality of information at Bank of America.

Key Responsibilities
This position will be overseeing the team and will be responsible for:

  • Analyzing various malware samples, understanding remediation efforts, track espionage actors and their infrastructure, and report on those findings to our customers.
  • Come up with innovative ways to track progression of malware families, infrastructure, and campaigns conducted by espionage actors
  • Accountability for researching, designing, engineering, implementing, and supporting information security & technology systems (software & hardware) and measuring, preventing, detecting, and mitigating security attacks targeting network and application layers
  • Utilizes in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the Bank's assets
  • Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment (e.g. client server, distributed, mainframe, etc.)
  • Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results
  • Work leadership will be required when assigning work, resolving problems
    Function as a Subject Matter Expert in communicating security issues to other security engineers and non-technical representatives from other domains
  • Superior organizational and communication skills.
  • Able to effectively represent the Perimeter Security team in meetings with other components of Global Information Systems(GIS), and representatives of Lines of Business (LOB).

Key Requirements
  • A minimum of 10 years of experience in the information security field with exemplary people skills are a must
  • Extensive knowledge of security threat vectors, networking, BGP, network security, the TCP/IP, HTTP/HTTPs, FTP, IRC, RPC, DNS stack and application security, etc…
  • Technologies include IDS/IPS, netflow analysis, DDoS mitigation, and Arcsight
    Exceptional organizational skills, ability to manage multiple priorities in a fast-paced dynamic environment
  • Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
  • Ability to design industry leading solutions to zero day security threats required
    In-depth knowledge of common network protocols, packet formats, and common DoS attack types and security vulnerabilities is required
  • 3+ years of direct experience in incident response surrounding malware related events(or must show equivalent competency)
  • Investigate computer systems to identify malware infections or evidence of malware related activity
  • Must have solid understanding of Microsoft Windows malware
  • Must have a solid understanding of dynamic/static analysis of malware
  • Background or experience in static analysis a plus
  • Must be able to think outside the box and develop solutions to accomplish difficult tasks
  • Ability to create scripts to automate certain tasks a plus
  • Solid background in network traffic analysis
  • Experience in encryption / obfuscation and how to reverse it a plus
  • Excellent written and verbal communication skills
  • Must be able to document findings, create reports and document processes to improve workflow

Desired Job Skills:
  • Bachelor's degree in Information Technology or related field
  • Detailed, bank specific access administration knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
  • Strong analytical skills/problem solving/conceptual thinking
  • Ability to work with Technical and non-Technical business owners
  • Assist with internal efficiencies projects and development
  • Experience with Python and other programming languages a plus
  • Experience with Web Application Firewalls (WAF) a plus
  • Experience with network layer detection and mitigation devices including Arbor SP, Arbor TMS, and TippingPoint a strong plus
  • Experience with Unix system administration a plus
  • Strong network protocol & packet analysis preferred; Cisco & CISSP certifications a strong plus

Bank of America Merrill Lynch is an equal opportunities employerVice

Posting Date: 14/09/2016
Location: Singapore - Singapore

Full / Part-time: Full time