The Information Security Engineer is responsible for building a Cyber Crime Malware Mitigation Program. The Cyber Crime Malware Mitigation Program Manager requires strong skills in malware research and an understanding of reverse engineering in order to thoroughly understand malicious code targeting our clients. The candidate will be responsible for building a program that sources malware samples targeting bank clients, performs static and dynamic malware analysis, sets direction for the program based on business impact, and produces malware research reporting with recommendations to mitigate the malware through detection and prevention techniques. The Cyber Crime Malware Mitigation Program Manager will leverage existing resources to build out the program and champion the acquisition of net new capabilities where there are gaps. The candidate will be responsible for collaborating with other security teams and business partners to test and implement detective and preventative controls wherever possible to mitigate impact to the bank and its clients.
- Oversees a malware research program that involves sourcing and prioritizing the malware that poses the biggest threat to Bank of America customers and clients.
- Collaborates closely with online banking and authentication teams at Bank of America to develop and test indicators to detect compromised customers and clients.
- Builds tools to assist in analyzing and extracting configuration data from banking (or other) malware targeting Bank of America customers and clients.
- Produces concise, detailed written products highlighting key components of research and analysis.
- Engages effectively with multiple teams within the bank to achieve objectives and proactively mitigate losses from financial malware.
- Bachelor's and/or Master's degree in Engineering, Computer Science, or a related field
- Strong direct experience analyzing malware; must have a solid understanding of dynamic and static analysis of malware
- Background in network traffic analysis; knowledge of networking protocols such as TCP/IP, HTTP/HTTPS, FTP, IRC, etc.
- Experience with encryption/obfuscation and how to reverse it is desired, but not required
- GCIH, GREM, GCFA or CISSP is desired, but not required
- Able to work independently on tasks, but also work well within a team environment
- Can create innovative ways to track the progression of malware families, infrastructure, and campaigns conducted by espionage actors
- Excellent communication skills and the ability to adapt to the audience
- 7+ years overall technical experience in either reverse engineering/malware analysis, threat intelligence, incident response, security operations, or related information security field.
- 5+ years of experience in application design/engineering, including but not limited to programming/scripting, Windows/Linux system administration, RDBMS/NoSQL database administration, etc.
- 2+ years of experience in penetration testing or ethical hacking
- 2+ years of experience with reverse engineering tools such as IDA Pro, Ghidra, OllyDbg, WinDbg, and Wireshark
- 2+ years of experience with Python scripting to automate analysis and reverse engineering tasks (and Bash, PowerShell, Perl, or C/C++)
- 2+ years of experience with the x86, x64, and ARM architectures
- Ability to reverse engineer binaries of various types, including x86, x64, C, C++, and .NET
- Strong understanding of Windows Operating System Internals, Windows APIs, and writing and analyzing DLLs.
- Recent experience developing custom software and hardware tools to assist in performing reverse engineering and vulnerability analysis
- Strong understanding of common network and application stack protocols, including but not limited to TCP/IP, SMTP, DNS, TLS, XML, HTTP, etc.
1st shift (United States of America)