Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
 

The Malware Defense Team’s aim is to reduce risk across Bank of America by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity, and confidentiality of information of Bank of America. They are looking for an advanced-level analyst that has experience with threat actor tracking, malware analysis, and reverse engineering of malware. 

Responsibilities include, but are not limited to:

Working with Malware Defense control owners to evolve malware control strategy and capabilities.Mentioning and training other analysts, helping them to improve their malware analysis and reverse engineering skillsets.In-depth analysis of malware, including authoring analysis reports.Tracking malware campaigns, malicious actors, and related infrastructure.Creation of tools and scripts to assist in the analysis of malware analysis.

Required Skills:

Strong direct experience of analyzing malware.Intermediate to advanced malware analysis skills.Intermediate to advanced experience reverse engineering tools such as IDA Pro, x64dgb, OllyDbg, Immunity Debugger and/or Ghidra.Intermediate to advanced experience analyzing dissembled x86 and x64 code.  Experience analyzing dissembled code for other architectures (ARM, MIPS, etc.) is a plus.Intermediate to advanced experience reverse engineering malware code written in C, C++, VisualBasic, Java, .NET, Delphi, JavaScript, and VBScript.Solid background in C++ programming and Win32 API’s.Experience creating malware analysis tools and scripts for use in tasks such accelerating malware analysis, unpacking malware, and extracting data (ex – configuration extraction).Experience building and maintain scripts to emulate malware and parse c2 response traffic is a plus. Experience in encryption/obfuscation and how to reverse it is desired.Can create innovative ways to track progression of malware families, infrastructure and campaigns conducted by ecrime, and cyber espionage actors.Experience with penetration testing and/or adversary emulation is a plus.Background in network traffic analysis.Knowledge of networking protocols: TCP/IP, HTTP/HTTPs, FTP, IRC etc.GCIH, GREM, GCFA or CISSP is desired, but not required.Able to work independently on tasks, but also work well within a team environment.