Bank Of America OJ025 - Lead Analyst 

India, Telangana, Hyderabad 

901107892

Job Description*

The Evaluation Analyst plays an essential role in the Cyber Threat Defense Framework. The CTEP Evaluation Analyst conducts threat and incident evaluations and identifies opportunities for process and control enhancement. They support the CTEP Evaluation Manager in improving defense capabilities based on threats, incidents, and issues throughout the bank. The analyst assists ongoing evaluations by comprehensively documenting threats and ensuring all threats/incidents are comprehensive, complete, and accurate. Analyses include reviews of:

• Threats identified from internal and external intelligence sources.

• Cyber incidents managed at the Bank (e.g., third-party incidents).

• Assessments conducted by GIS teams (e.g., Adaptive Threat Simulations).

Responsibilities*

• Analyzes threats and incidents sourced from GIS partner teams to identify and triage process and control weaknesses in context of risks arising from the threat.

• Documents defensive posture, process and control weaknesses, and overall risk of each threat.

• Reviews threats/incidents holistically to identify broad themes and strategic issues, enabling GIS to protect against cyber threats effectively and proactively.

Requirements*

Education*BE/B.Tech/MCA

Certifications If Any : NA

6-10 Years

Foundational skills*

• Strong technical writing capabilities; writing technical content in a broadly consumable format.
• Functional knowledge of information security, IT infrastructure, and risk management.
• Ability to prioritize and manage time effectively and work independently with minimal direction.
• Knowledge of Cyber Industry Frameworks like MITRE/NIST.
• Strategic thinking AND attention to detail – ability to think “like a threat actor.”
• Proficient computer/analytics skills – esp. Jira, Excel, Word, Power Point, Alteryx, etc.

Desired skills

• Experience with cyber threat intelligence collection, analysis, and reporting.
• Experience responding to and managing security incidents and events.
• Experience creating, executing, and documenting assessments and exercises.
• General understanding of bank policies, specific to data and privacy, third parties, incident management, vulnerability management, etc.

Work Timings*12:30 PM to 09:30 PM

Hyderabad, Mumbai