Job Overview
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.
We do this by driving Responsible Growth and delivering for our clients, teammates, communities, and shareholders every day.
Our Commitment
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact.
Role Responsibilities
1. Work with Malware Defense control owners to evolve malware control strategy and capabilities.
2. Mentor and train other analysts, helping them to improve their malware analysis and reverse engineering skillsets.
3. Perform in-depth analysis of malware, including authoring analysis reports.
4. Track malware campaigns, malicious actors, and related infrastructure.
5. Create tools and scripts to assist in malware analysis.
Required Skills
* Strong direct experience analyzing malware.
* Intermediate to advanced malware analysis skills.
* Experience with reverse engineering tools such as IDA Pro, x64dbg, OllyDbg, Immunity Debugger, and Ghidra.
* Experience analyzing disassembled x86 and x64 code; experience with other architectures like ARM or MIPS is a plus.
* Experience reverse engineering malware written in C, C++, Visual Basic, Java, .NET, Delphi, JavaScript, and VBScript.
* Solid background in C++ programming and Win32 APIs.
* Experience creating malware analysis tools and scripts for tasks like unpacking malware and configuration extraction.
* Experience building scripts to emulate malware and parse command-and-control traffic is a plus.
* Knowledge of encryption/obfuscation and reversing techniques.
* Ability to develop innovative methods to track malware families, infrastructure, and campaigns.
* Experience with penetration testing or adversary emulation is a plus.
* Background in network traffic analysis.
* Knowledge of networking protocols such as TCP/IP, HTTP/HTTPS, FTP, IRC.
* Certifications like GCIH, GREM, GCFA, or CISSP are desirable but not required.
* Ability to work independently and as part of a team.