Create a Job Alert.

Enter your email below to save this search and receive job recommendations for similar positions.
Thank you. We'll send jobs matching these to
You already suscribed to this job alert.
US
0 suggestions are available, use up and down arrow to navigate them
What job do you want?

Adaptive Threat Simulation - Senior Red Team Operator job in Washington at Bank of America

Create Job Alert.

Get similar jobs sent to your email

List of Jobs

Apply to this job.
Think you're the perfect candidate?
Apply on company site
Adaptive Threat Simulation - Senior Red Team Operator at Bank of America

Adaptive Threat Simulation - Senior Red Team Operator

Bank of America Washington, DC Full Time
Apply on company site

Job Description:

Adaptive Threat Simulation - Senior Red Team Operator

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities via vulnerability assessment, penetration testing, and/or social engineering across a wide variety of platforms and systems. Clearly outlines and documents risk impacts of test findings in reports. Assists Lines of Businesses with questions regarding vulnerabilities and remediation efforts. Successful candidate will be a team-oriented individual with excellent communication skills at explaining the so what? of a vulnerability issue to a non-technical audience. Individual will be expected to work with other members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. Typically 7-10 years of IT experience, with 5 of those focused on offensive security testing. 

Required:

  • Must have experience and be very proficient with the common tools associated with red teaming and penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)- Must have experience in developing implants and evading common security tools
  • Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals, along with MITRE ATT&CK TTPs 
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. 
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. 
  • Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds 
  • Ability to effectively code in a scripting language (Python, C#, PowerShell, C, etc.) 

Desired:

  • OSCP, GPEN, OSCE Certifications
  • Previous experience working in the financial industry a plus
     

Enterprise Role Overview:

Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0 -->

Job Description:

Adaptive Threat Simulation - Senior Red Team Operator

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities via vulnerability assessment, penetration testing, and/or social engineering across a wide variety of platforms and systems. Clearly outlines and documents risk impacts of test findings in reports. Assists Lines of Businesses with questions regarding vulnerabilities and remediation efforts. Successful candidate will be a team-oriented individual with excellent communication skills at explaining the so what? of a vulnerability issue to a non-technical audience. Individual will be expected to work with other members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. Typically 7-10 years of IT experience, with 5 of those focused on offensive security testing. 

Required:

  • Must have experience and be very proficient with the common tools associated with red teaming and penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)- Must have experience in developing implants and evading common security tools
  • Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals, along with MITRE ATT&CK TTPs 
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. 
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. 
  • Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds 
  • Ability to effectively code in a scripting language (Python, C#, PowerShell, C, etc.) 

Desired:

  • OSCP, GPEN, OSCE Certifications
  • Previous experience working in the financial industry a plus
     

Enterprise Role Overview:

Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Job Band:

H4

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description: Adaptive Threat Simulation - Senior Red Team Operator

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

As an experienced professional, performs research, analysis, and testing of computer/network vulnerabilities via vulnerability assessment, penetration testing, and/or social engineering across a wide variety of platforms and systems. Clearly outlines and documents risk impacts of test findings in reports. Assists Lines of Businesses with questions regarding vulnerabilities and remediation efforts. Successful candidate will be a team-oriented individual with excellent communication skills at explaining the so what? of a vulnerability issue to a non-technical audience. Individual will be expected to work with other members of Global Information Security, technical stakeholders, risk partners, and executive leadership to ensure that risk is identified and remediated across a variety of Lines of Businesses. Typically 7-10 years of IT experience, with 5 of those focused on offensive security testing. 

Required:

  • Must have experience and be very proficient with the common tools associated with red teaming and penetration testing (Metasploit, Burp Suite, Cobalt Strike, etc.)- Must have experience in developing implants and evading common security tools
  • Must have a solid understanding of voice and data networks, major operating systems, active directory, and their associated peripherals, along with MITRE ATT&CK TTPs 
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups and both state and non-state sponsored threat actors. 
  • Must be able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms. 
  • Must be able to both work independently as well as effectively work in teams with individuals with a variety of skills and backgrounds 
  • Ability to effectively code in a scripting language (Python, C#, PowerShell, C, etc.) 

Desired:

  • OSCP, GPEN, OSCE Certifications
  • Previous experience working in the financial industry a plus
     

Enterprise Role Overview:

Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor. Shift:

1st shift (United States of America)

Hours Per Week: 

40

Recommended Skills

  • C (Programming Language)
  • C Sharp (Programming Language)
  • Communication
  • Computer Security
  • Finance
  • Leadership
Apply to this job.
Think you're the perfect candidate?
Apply on company site

Help us improve CareerBuilder by providing feedback about this job:

Job ID: 21064486

CareerBuilder TIP

For your privacy and protection, when applying to a job online, never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction. Learn more.

By applying to a job using CareerBuilder you are agreeing to comply with and be subject to the CareerBuilder Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.