View Job

Adaptive Threat Replication Engineer

Bank of America | Denver CO 80202 USA | Full Time | Posted: 08/16/2019

Job Descriptiontop

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

The Adaptive Threat Replication (aka Red) team within the Cyber Security Defense division of GIS is looking for a talented and experienced engineer to join a team of world-class offensive security (Red Team) talent. This engineer will assist in mentoring, training, and actively testing with a suite of teams who validate controls, test technologies, replicate threats, and research emerging threats. The engineer in this role is expected to provide technical expertise to junior engineers, coordinate with senior leadership on development projects, and assisting the monitoring and response function understand the techniques used so those functions can practice and improve their capability to respond and recover against a realistic threat actor. The engineer in this role should be equally capable of operating on an assessment and mentoring less experienced subordinates. Required Skills: - Must have experience effectively interacting with a diverse set of personalities and talent - Must be able to effectively communicate to anyone in the organization, from the most technical operator to the least technical business partner - Must be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.) - Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals - Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. - Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. - Ability to effectively code in a scripting language (Python, Perl, etc.) - Desirable certifications: OSCP, GPEN, OSCE - Prefer previous experience working in the financial industry

The Adaptive Threat Replication (aka Red) team within the Cyber Security Defense division of GIS is looking for a talented and experienced engineer to join a team of world-class offensive security (Red Team) talent. This engineer will assist in mentoring, training, and actively testing with a suite of teams who validate controls, test technologies, replicate threats, and research emerging threats. The engineer in this role is expected to provide technical expertise to junior engineers, coordinate with senior leadership on development projects, and assisting the monitoring and response function understand the techniques used so those functions can practice and improve their capability to respond and recover against a realistic threat actor. The engineer in this role should be equally capable of operating on an assessment and mentoring less experienced subordinates.

Required Skills:
- Must have experience effectively interacting with a diverse set of personalities and talent
- Must be able to effectively communicate to anyone in the organization, from the most technical operator to the least technical business partner
- Must be very proficient with the common tools associated with penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)
- Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals
- Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors.
- Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms.
- Ability to effectively code in a scripting language (Python, Perl, etc.)
- Desirable certifications: OSCP, GPEN, OSCE
- Prefer previous experience working in the financial industry
• Exploit development
• Reverse Engineer
• Vulnerability Analysis

Shift:

1st shift (United States of America)

Hours Per Week:

40

Job Detailstop

Location Denver, CO, 80202, United States
Categories Information Technology

Location Maptop

Contact Informationtop

Contact Name -
How to apply Employer provided a link where your application will be accepted. Click on the link below and follow instructions.
Apply Click Here (apply to job)
Job Code 19055218-3
Advertisement

Featured Employers - view all