JOB DESCRIPTION:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

POSITION SUMMARY:

The Cyber Crime Defense function within Global Information Security is responsible for working across the enterprise to reduce exposure to cyber crime thereby instilling continued confidence of our clients, customers, and shareholders.
The Cyber Crime Disruption Analyst is responsible to assist in executing the overall Cyber Crime Disruption strategy. The candidate will provide specialized support across various lines of business to help mitigate social engineering risks to the enterprise, while gathering critical intelligence information allowing for improved strategic fraud response actions. The candidate will work with technical teams to identitfy cyber-crime activities in flight, as well as provide specialized technical expertise to facilitate daily operational disruption activities.
The candidate will review social engineering attack activities to evaluate response possibilities, identify novel techniques or tactics and ensure inclusion in ongoing awareness activities, as well as coach junior analysts on relevant tradecraft. Additionally, the candidate will partner with enterprise security teams to improve upon and deliver social engineering awareness content, and enhance detection and response capabilities. The candidate will work closely with fraud analysts on analytic projects supporting the bank’s initiatives to minimize the bank’s exposure to cyber-crime.

REQUIRED QUALIFICATIONS:

• A broad knowledge of information security principles, cybercrime and online fraud activities
• Deep understanding of social engineering tactics and techniques, including victim recruitment strategies
• Strong leadership skills and qualities which enable you to work with peers and various levels of management
• 3+ years of experience in Counter-Intelligence or Human Intelligence collections
• 3+ years of relevant law enforcement experience
• Exceptional executive presentation and communication skills
• Deep understanding of financial fraud and the cyber-crime life cycle
• Working knowledge of relevant laws, rules and regulations related to cyber-crime
  This job will be open and accepting applications for a minimum of seven days from the date it was posted

• Maintain an operational understanding of social engineering techniques and tradecraft, including familiarity with latest attack trends
• Manage operational risks related to ongoing social engineering disruption and response actions and implement mitigation steps
• Review collected technical data to identify potential indicators of threat activity, and evaluate threats for response options
• Assess third party communications and motivations, identify social engineering tradecraft and guide response activities
• Prepare in-depth threat activity reports detailing social engineering activities, identified indicators, victim identification, and other relevant essential elements of information (EEIs)
• Apply active defense models to Deny, Degrade, Disrupt, and Deter (4D) threat actors’ efforts
• Ensure latest approved social engineering tradecraft is being employed correctly and legally
• Identify novel social engineering tradecraft for inclusion in GIS threat reporting
• Coordinate cyber-crime disruption efforts, integrating global teams and operations groups managing complex problem sets
• Enable cross-functional stakeholders to identify gaps, develop solutions, and facilitate implementation
• Establish trusted relationships with key cross-functional business partners including multiple product teams, regional offices, and support functions
• Leverage knowledge of information security principles to mitigate financial crime and cyber-crime related activities
• Lead collaboration with peers, industry associations, law enforcement, and other trusted groups
• Build strategic partnerships across the company to reduce operational exposure to cyber-crime
• Must be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Prepare and present on social engineering threat activities relative to company customers and clients.