Bank Of America Malware Prevention Analyst Global Information Security 

Australia, New South Wales, Sydney 

234992578

Your background

• Strong direct experience of analyzing malware

• Must have a solid understanding of dynamic/static analysis of malware

• Background in network traffic analysis related to malware

• Experience in encryption/obfuscation and how to reverse engineer (desirable)

• GCIH, GREM, GCFA, CISSP or CCSP desirable

• At least 3+ years of direct experience analyzing malware (or show equivalent competency)

• Able to work independently on tasks

• Able to work well within a team environment

• Can create innovative ways to track progression of malware families, infrastructure and campaigns conducted by various threat actors

• Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP etc.

• Ability to create scripts and other forms of automation

• Excellent communication skills, able to adapt a message to various audiences

• Knowledge/experience of at least one major cloud services provider (AWS, GCP, Azure) technologies

What you can expect

CTD Malware Defense team operates 24x7 on follow-the-sun model having teams based in APAC, EMEA and AMRS. This role may require working on public holidays and weekends as part of 24x7 coverage.

What you will do

• Analyze various malware alerts and corresponding events

• Respond to actions by threat actors and disrupt their attempted actions

• Perform static and dynamic forensic analysis of malware

• Perform disk based and memory-based analysis of systems

• Execute and improve relevant risk management strategies

• Perform real-time analysis and trending of security log data from various security devices and systems.

• Maintain data sources feeding the log monitoring system, develop and maintain detection and alerting rules.

• Respond to user incident reports and evaluates the type and severity of security events.

• Execute initial triage of incidents to rule out false positives.

• Identify recurring security issues and risks and develops mitigation plans and recommends process improvements.

• Interpret and apply security policies and procedures.

• Establish escalation processes for security incidents and develops contingency plans and disaster recovery procedures.