Vulnerability Analyst (Attack Surface & Vulnerability Management), Global Information Security

Vulnerability Analyst (Attack Surface & Vulnerability Management), Global Information Security

Bank of America

What would you like the power to do? For you and your family, your business and your community. At Bank of America, our purpose is to help make financial lives better through the power of every connection.

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Your background

• Proven experience in Vulnerability Analysis.
• Knowledge of industry standard scoring models such as CVSS, CCSS.
• Knowledge of industry standard data models such as CPE and data normalization tools.
• Wide knowledge of application and IT products, interoperability, and extensive knowledge of IT security.
• Knowledge of application development platforms.
• Strong work ethic and ability to effectively multi-task in a fast-paced support environment.
• A broad knowledge of information security principles.
• Ability to work independently on initiatives with little oversight. Highly motivated and willing to learn.
• Strong analytical skills/problem solving/conceptual thinking.
• General information security certifications (CISSP / CISM / CCSK / Security+) desirable.

What you can expect

As a Vulnerability Analyst in the Global Information Security (GIS) Cyber Security Assurance (CSA) Attack Surface & Vulnerability Management organization (ASVM), you will be responsible for supporting the core vulnerability assessment activities for the organization. As a Vulnerability Analyst, you will leverage your analytic and technical skills to discover and accurately rate cyber risks, evaluate the criticality of key infrastructure assets, assess major information security risks, and drive the decisioning behind remediation/mitigation processes to protect the organization. As a member of this key GIS team, you will report on risks, make decisions informing remediation timelines, and work with teams to achieve mitigation and/or acceptance of vulnerability risk to resolve organizational cybersecurity challenges.

What you will do

Vulnerability Analysis:

• Analyze vulnerabilities, investigating solutions and recommending appropriate countermeasures to address their risk.
• Research and evaluate threats and vulnerabilities to assist in determining the prioritization and actions required for their remediation.
• Review and validate vulnerabilities using available data sources and tools, as well as identify new data sources as needed.
• Advise stakeholders on appropriate remediation & mitigation solutions.
• Leverage creativity and influence to enhance the overall vulnerability analysis program.