Overview
Vice President, Senior Malware Reverse Engineer, Global Information Security, Australia
Pay information not disclosed by advertiser
Apply
Job Description
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
The Malware Defense Team's aim is to reduce risk across Bank of America by using existing or establishing robust cyber-hacking and malicious code containment activities for the security, safeguarding, continuity, and confidentiality of information. They are looking for an advanced-level analyst with experience in threat actor tracking, malware analysis, and reverse engineering of malware.
Responsibilities
Collaborate with Malware Defense control owners to evolve malware control strategy and capabilities.
Mentor and train other analysts to improve malware analysis and reverse engineering skills.
Perform in-depth malware analysis and author analysis reports.
Track malware campaigns, malicious actors, and related infrastructure.
Create tools and scripts to assist in malware analysis.
Required Skills
Strong direct experience analyzing malware.
Intermediate to advanced malware analysis skills.
Experience with reverse engineering tools such as IDA Pro, x64dbg, OllyDbg, Immunity Debugger and/or Ghidra.
Experience analyzing disassembled x86 and x64 code; experience with ARM, MIPS or other architectures is a plus.
Solid background in C++ programming and Win32 APIs.
Experience creating malware analysis tools and scripts to accelerate analysis, unpack malware, and extract data (e.g., configuration extraction).
Experience building and maintaining scripts to emulate malware and parse C2 response traffic is a plus.
Experience in encryption/obfuscation and reversing it is desired.
Ability to track progression of malware families, infrastructure, and campaigns conducted by cybercrime or cyber espionage actors.
Experience with penetration testing and/or adversary emulation is a plus.
Background in network traffic analysis.
Knowledge of networking protocols: TCP/IP, HTTP/HTTPS, FTP, IRC, etc.
GCIH, GREM, GCFA or CISSP is desired, but not required.
Able to work independently on tasks, but also work well within a team environment.
Certifications
Security Certifications: GCIH, GREM, GCFA, CISSP
Job Details
Contract type: Permanent
Work type: Full time
Job mode: Onsite / Standard business hours
Industry: Information Technology
Sector: Privately held company
Company size: 1000+
#J-18808-Ljbffr