Bank Of America Data Protection Threat Detection Lead 

United States, Illinois, Chicago 

815410191

Job Description:

Job Description:

Key Responsibilities:

• Develop and maintain security detection use cases across DLP channels (e.g., endpoint, cloud, network).
• Drive tuning and refinement of detection logic to improve fidelity and reduce false positives.
• Leverage knowledge of proxy architectures and internet connectivity patterns to optimize detection logic, ensure visibility and address evasion techniques.
• Partner with control owners (e.g., DLP, Email, Endpoint) to ensure detection alignment with business risk and policy coverage.
• Design and document automation playbooks to support consistent detection response workflows, ensuring they can be operationalized by the appropriate teams.
• Consult with policy and control owners on new projects and proposed changes to ensure detection coverage remains effective and aligned to data protection requirements.
• Review proposed control changes and new technology integrations to validate they meet detection and monitoring requirements.
• Map detection logic to threat models, including MITRE ATT&CK, and continuously evaluate coverage gaps.
• Collaborate with Response Managers, Threat Intelligence, and Engineering to validate and optimize alerting logic.
• Translate validated adversary behaviors from hunt exercises, threat intelligence, and incident trends into refined detection use cases and tuning strategies.
• Perform targeted detection-focused hunts within DLP channels to validate coverage and identify gaps.
• Review detection health and signal integrity, and lead quality assurance of rule performance.
• Create and maintain runbooks and detection documentation to support SOC operations and audit requirements.
• Provide technical oversight and mentorship to analysts and detection stakeholders across regions.
• Collaborate with audit and risk teams to demonstrate detection control effectiveness and alignment to regulatory expectations.

Core Competencies:

• Strong analytical skills with the ability to identify detection gaps and operational inefficiencies.
• Excellent communication and documentation skills; able to translate technical content for various audiences.
• Proactive, collaborative, and capable of working across global teams.
• Adept at managing competing priorities and leading through influence.

Required Qualifications

• 7+ years of experience in cybersecurity roles with a focus on detection, security operations, or threat response.
• Deep knowledge of SIEM platforms, EDR, DLP, UEBA, and cloud telemetry (e.g., Splunk, CrowdStrike, Symantec, Microsoft Purview, Sentinel, Wiz).
• Experience collaborating with threat hunting or conducting targeted hunts to identify detection gaps and inform use case development
• Familiarity with structured detection logic (EDM, Regex, YARA, Sigma) and signal tuning principles.
• Strong understanding of MITRE ATT&CK and threat-informed defense frameworks.
• Experience in regulated industries (e.g., financial services) preferred.

Skills:

• Cyber Security
• Data Privacy and Protection
• Problem Solving
• Process Management
• Threat Analysis
• Business Acumen
• Data and Trend Analysis
• Interpret Relevant Laws, Rules, and Regulations
• Risk Analytics
• Stakeholder Management
• Access and Identity Management
• Data Governance
• Encryption
• Information Systems Management
• Technology System Assessment