Adaptive Threat Simulation Senior Manager

Job Description:

Bank of America's Global Information Security team is looking for a Adaptive Threat Simulation (Red Team) Manager.

This position is responsible for helping to design, build, and deliver major components of Bank of America's red team strategy. You will work on a cross-functional team with deep knowledge of security processes and procedures, best practices, and red teaming to perform in-depth advanced log, system, and process analytics in order to pursue and prove or disprove hypotheses relating to malicious activity. Candidates will be strong technical and people leads – able to lead a geographically disperse technical team to protect the Bank. Deep knowledge and experience with adversarial techniques, red teaming, and Threat Simulations, as well as experience and familiarity with defensive security controls and methods. You will demonstrate extraordinary organizational and cross-functional communication skills to drive analytics and investigations in to threats throughout the Enterprise. 

In this role, you will work with all operational and technical teams within Global Information Security (GIS) in order to gain insight into critical controls and architectural specifics in order to develop analytics that identify malicious behavior accurately while maintaining a low false positive rate. This role advises on and reviews product assessments, policy adjustments, and architectural transformations that impact the global Corporation, and will be a thought leader in the design of cutting-edge detective, preventative, and proactive controls. Direct coordination with control partners to build, improve, and evolve detections based on threat research and simulations. The use of industry-accepted and reviewed frameworks to enable the Bank to stay abreast of and participate in evolving security frameworks and concepts is a must. 

Required Skills: 

• 8+ years experience performing Red Teaming and Cyber Security

• Lead, plan, and conduct red team operations against the bank using emerging threat TTPs to identify risks and train defensive teams

• Coordinate and collaborate with various cyber security team members to improve the Bank’s security posture

• Ability to communicate and summarize highly technical work to senior executives

• Extensive experience with offensive security and assessment methodology 

• Experience explaining planning, coordinating, and reporting on Threat Simulation work to both technical teams and senior management

• Ability to navigate and work effectively across a complex, geographically dispersed organization 

• Demonstrated ability to self-direct, with minimal supervision to achieve assigned goals 

• Must have experience with offensive security frameworks such as Cobalt Strike, Sliver, Mythic, etc.

• Must have knowledge with data networks, major operating systems, active directory, and other enterprise technical systems

• Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious insider activity, organized crime/fraud groups, and both state and non-state sponsored threat actors

• Ability to translate offensive security work to actionable defensive guidance

• Experience with offensive security and vulnerability analysis of emerging threats to assist Incident Response for major cyber security events

• Deep experience working with industry-wide frameworks and standards like 

Beneficial attributes:

• Certifications such as OSCP, OSCE, or CREST are highly desirable

• Experience reviewing threat intelligence and conducting OSINT research

• Familiarity with defensive technologies such as EDR, SIEM, IDS, Proxies, Anti-Virus, etc.

Enterprise Role Overview:

Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as a Senior Manager.

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

Hours Per Week: