Malware Threat Intelligence Control Owner

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Role Summary:

The Threat Intelligence Control Owner is responsible for overseeing and enhancing the threat intelligence “processing” procedures within the Malware Defense program. This role involves close collaboration with cross-functional teams to ensure threat intelligence workflows are efficient, scalable, and aligned with enterprise security objectives. The Control Owner will drive improvements in automation, integration, and operational effectiveness using relevant technologies and platforms.

Key Responsibilities:

• Own and manage the threat intelligence processing control, ensuring consistent execution and continuous improvement.

• Collaborate with internal teams to refine procedures for investigating indicators of compromise (IOCs) across various log sources and controls.

• Integrate and optimize relevant technologies and platforms to support and enhance threat intelligence workflows, automation, and operational efficiency.

• Maintain, optimize, and automate Malware Defense’s custom intelligence gathering workflows to improve speed, accuracy, and scalability.

• Define and maintain documentation for threat intelligence processing standards, playbooks, and escalation paths.

• Monitor control performance and identify opportunities for automation and efficiency.

• Support audit and compliance efforts related to threat intelligence controls.

Required Qualifications:

• Threat Intelligence Experience: Intermediate to Advanced understanding of threat actor tactics, techniques, and procedures (TTPs).

• Log Investigation Skills: Intermediate to Advanced experience analyzing logs from email, web, and endpoint sources.

• Scripting & Development Experience: Intermediate proficiency with:

• Languages & Frameworks: Python, Node.js, JavaScript

• Web Frameworks: Django, FastAPI, Flask, Streamlit

• Infrastructure & Tools: Linux, Docker, NGINX

• Databases & Caching: PostgreSQL, Redis

• API Integration: Experience utilizing RESTful APIs for application and platform integrations

• Technology Proficiency:

• LogScale (Log Analysis)

• CrowdStrike Falcon (EDR)

• VirusTotal (Threat Research)

• Tanium (Endpoint Management & Detection)

• ProofPoint TAP (Email Threat Detection)

• Trellix Endpoint Security

• Trellix Web Security

• Trellix Email Security

• AI & Machine Learning Exposure: Experience working with artificial intelligence (AI), machine learning (ML), and model development or integration for threat detection, enrichment, or automation.

Desired Qualifications:

• Strong organizational and documentation skills.

• Experience working in cross-functional environments.

• Ability to identify gaps and drive process improvements.

• Familiarity with control ownership responsibilities in a cybersecurity or risk management context.

Shift:

1st shift (United States of America)

Hours Per Week:

40