Incident Response & Management

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Your background

• Proven experience handling Information Security related events and incidents

• Experience in an operations focused role with an emphasis on incident response

• Demonstrable experience in the coordination of containment activities related to cyber security incidents

• Familiarity with security vulnerabilities exploits and APT tools, techniques and procedures

• Familiarity with network security vulnerabilities, exploits, malware and digital forensics desirable

• To be an excellent written and oral communicator who can adapt to their audience

• To be decisive and can make difficult decisions in what can be a high pressure environment

• Exercise independent judgment in methods, techniques and evaluation criteria for obtaining results

• Able to handle multiple competing priorities in a fast-paced environment and take action without causing an undue delay

• Supportive and can work well as part of a team as well as independently

• Can remain calm under pressure

• Ability to work in a strong team-orientated environment with a sense of urgency and resilience

• Must be able to think outside the box and develop solutions to accomplish seemingly impossible tasks while remaining risk and objective focused

• Security+ or equivalent certification required within six months of employment

What you can expect

Incident Management is part of the Response and Recovery whose aim is to respond to an incident in the manner that will reduce the impact and risk to the organization as much as possible. The Incident Manager will be required to take charge of Information Security events and incidents as they occur and co-ordinate and work collaboratively with colleagues across the business to resolution.

What you will do

• Establish oversight of information security events and incidents and communicate analysis, containment and remediation efforts to all business partners.

• Incident response and recovery plans will be available to use and should be maintained by the team. Any issues that require management escalation will be expected to be completed in a timely manner including all appropriate information in relation to risk and action times.

• The Incident Manager will be expected to provide status updates and post-incident reports for executives and stakeholders in non-technical terms encompassing risk, impact, likelihood, containment and remediation activities and threat actors.

• Risk management including briefing and recommending actions to executive leadership within Global Information Security and other business partners on events and incidents

• The incident manager will be part of a global 24/7 rotation and there is a requirement to work 8-10 weekends per year on an on-call basis as a primary contact. There will also be a requirement to cover the EMEA & APAC holidays.

This job is responsible for supporting a rapid, globally coordinated, and managed response for moderately complex information security events and cyber security threats that may impact the confidentiality, integrity, and availability of the bank's information and information systems. Key responsibilities include supporting the containment of escalated incidents, identifying and recovering abnormal and malicious activity, and reducing the impact and exposure to legal, financial, reputational, operational, and regulatory risks.

Shift:

1st shift (United States of America)

Hours Per Week:

40