Info Security Incident Management Specialist II A

About us

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Global Business Services

Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations.

Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation.

In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services.

Process Overview

The Global Information Security (GIS) is responsible for protecting Bank information systems, confidential and proprietary data, and customer information. The team develops the Bank’s Information Security strategy and policy, manages the Information Security program and identifies and addresses vulnerabilities, Develops, deploys and manages a risk-based controls portfolio, Manages and operates global security operations center that monitors, detects and responds to cybersecurity incidents.

Job Description

The Cyber Security Defense (CSD) Cyber Security Operations (CSO) is responsible for protecting sensitive data from insider threats, securing and defending digital identities within the corporate network, and delivering a globally coordinated response and recovery capability for information security events

Responsibilities

Incident Management is part of the Incident Response and Management Global Team. The role of the Incident Manager is to coordinate the response and recovery activities from information security incidents. This includes collaboration with appropriate response partners, assist with determining the root cause of incidents and work with stakeholders and responsible parties to remediate any identified control gaps or failures; Escalate issues to management in a timely manner with appropriate information regarding severity, exposure, and action items; this role requires critical thinking and investigative mindset coupled effective written, and verbal communication skills

Requirements

Education: B.E. / B. Tech/M.E. /M. Tech/B.Sc./M.Sc./BCA/MCA (prefer IT/CS specialization)

Certifications, If Any: CEH, Security+, CCNA or any equivalent

Experience Range: 9 – 12 years

Foundational skills:

• Experience in identifying threats and applying security controls
• 7 + years of experience with Information Security related activities.
• 7 + years of experience in an operations focused on information security role.
• Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents. Strong analytical, tactical, and critical thinking ability.
• Ability to lead technical bridge lines to develop quick containment solutions to cyber-security incidents.
• Ability to handle multiple competing priorities in a fast-paced environment.
• Ability to communicate effectively across all levels of a global financial institution.
• Familiarity with security vulnerabilities, exploits, malware, and digital forensics as they relate to Incident Response.
• Security+ or equivalent certification required within 6 months of employment.
• Experience and ability to quickly use open-source tools to gather information on a domain or subject Self-motivated individual willing to learn new skills and accomplish goals within a short timeframe
• Good understanding of Security Event Management tools, techniques, and processes
• Ability to leverage technical skills to correlate data to streamline analysis process
• Familiarity with and basic understanding of networking systems, firewalls, simple DNS & DHCP, security vulnerabilities, exploits, attacks, and malware
• Ability to relate technical issues to non-technical associates / business owners understanding of vulnerabilities, exploitation, tools, and techniques especially ArcSight (SIEM tool)
• Excellent communication and presentation skills
• Microsoft Office applications

Desired skills:

• Familiarity with Laws, Rules, and Regulations (LRRs) attendant Financial Institutions Information Security requirements including Privacy LRRs e.g., GDPR, NYDFS, SEC Guidelines, MAS Requirements, CCPA, etc.
• Familiarity with NIST CSF, NIST IR Lifecycle, and NIST NICE.
• Familiarity with MITRE ATT&CK and Cyber Kill Chain.
• College Degree - (B.S, M.S.) in Digital Forensics, Computer Science, Information Security, or a related field.

Work Timings: 7:30 am to 4:30 pm and 9:30 am to 6:30 pm

Job Location: Mumbai / Chennai/Hyderabad