Senior Vice President – Cyber Events Response Team Lead

  • Competitive
  • Singapore
  • Permanent, Full time
  • Bank Of America / Merrill Lynch
  • 20 Jan 17

Job Description:
Team Overview:

The Cyber Security Operations (CSO) team's aim is to protect the bank and to have an end-to-end view of, and influence over, all security controls at the Bank. The Cyber Event Response and Network/Application Security Team's mission is to reduce risk by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity and confidentiality of information. In addition, the CERT team is a key part of CSO that provides surveillance, detection, analysis, event handling and containment of security incidents within its technical scope, addresses the root cause of events, and identifies how to improve the Bank's cyber security based on lessons learned.

Role Summary:

The regional Cyber Event and Response Team (CERT) Lead is responsible and accountable for the delivery of Cyber Event Monitoring and Response activity during the APAC timeframe as part of the global Cyber Security Operations 'follow the sun' model (24 x 7 x 365).

Role Responsibilities:
Core Responsibilities:

  • Lead a culture of zero tolerance risk management through intrusive supervision of operational activity at each stage of the Cyber Security Operations workflow
  • Accountable for timely containment and remediation of any information security threats against the Bank
  • Leadership of a team of information security specialists who perform a variety of technical functions
  • Ensure a culture of continuous improvement, transparency and drive
  • Assist with internal efficiencies, projects and development
  • Build consensus and cooperation as well as the ability to influence, interact and negotiate with senior leadership in the organization
  • Organizational and communication skills
  • Risk management

Technical Responsibilities:
This position will be overseeing the team and responsible for:
  • Work with analysts to analyze various malware samples, understand remediation efforts, track espionage actors and their infrastructure, and report on findings to stakeholders
  • Accountability for researching, designing, engineering, implementing, supporting and improving information security & technology systems (software & hardware)
  • Accountable for measuring, preventing, detecting and mitigating security attacks targeting network and application layers
  • Develop, implement and improve security standards, procedures, and guidelines for multiple platforms and diverse environments (e.g. client server, distributed, mainframe, etc.)
  • Exercise judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criteria for obtaining results
  • Function as a Subject Matter Expert in communicating security issues to other security engineers and non-technical representatives from other domains
  • Able to effectively represent the Perimeter Security team in meetings with other components of Global Information Systems (GIS), and representatives of Lines of Business (LOB)
  • Leadership in line with Bank of America guidelines will be required when assigning work and resolving problems

Qualifications:
  • Proven experience with Information Security related activities
  • Leadership experience in an operations focused information security role
  • Bachelor's degree in Information Technology or related field (desirable)
  • Familiarity with security vulnerabilities, exploits, malware and digital forensics (desirable)

Required Experience, Skills:
  • A minimum of 10 years of experience in the information security field
  • 3 years of direct experience in incident response surrounding malware related events (or equivalent technical domain competency)
  • Experience conducting analysis/investigation and containment of potential data breaches or cyber security incidents
  • Previous incident response and/or malware reverse engineering experience
  • Ability to handle multiple competing priorities in a fast paced environment
  • Strong analytical skills/problem solving/conceptual thinking
  • Ability to work effectively with technical and non-technical business owners
  • Ability to leverage technical skills to correlate data to streamline analysis process
  • Advanced problem solving skills, ability to develop effective long-term solutions to complex problems
  • Ability to communicate both verbally and in writing and adapt your style to suit your audience
  • Experience with Python and other programming languages a plus
  • Experience with Web Application Firewalls (WAF) a plus
  • Experience with Intrusion Detection & Prevention technologies (IDS/IPS) a plus
  • Experience with Malware, network layer detection and mitigation a strong plus
  • Experience with Unix system administration a plus
  • Must have solid understanding of Microsoft Windows malware
  • Must have a solid understanding of dynamic/static analysis of malware
  • Background or experience in static analysis a plus
  • Ability to oversee analysts creating scripts to automate certain tasks a plus
  • Solid background in network traffic analysis
  • Strong network protocol & packet analysis preferred; Manufacturer certifications a strong plus

Bank of America Merrill Lynch is an equal opportunities employer.

Posting Date: 07/12/2016
Location: SG--Singapore

Full / Part-time: Full time
Hours Per Week: 40