Cloud & Mobile Malware Control Owner

Join to apply for the Cloud & Mobile Malware Control Owner role at Bank of AmericaAt Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.Key ResponsibilitiesControl Ownership & Governance: Own and manage malware controls related to cloud and mobile platforms. Ensure controls are effective, measurable, and aligned with enterprise risk tolerance.Threat Management & Response: Collaborate with incident response teams to triage and respond to malware threats targeting cloud and mobile environments. Support post-incident reviews and drive improvements.Technology Risk Oversight: Identify and assess risks associated with cloud and mobile malware threats. Partner with risk and oversight teams to implement mitigation strategies.Operational Integration: Work across operational teams to integrate malware controls into existing workflows and technologies. Ensure seamless execution and reporting of control effectiveness.Metrics & Reporting: Develop and maintain operational metrics and dashboards to track control performance. Provide regular updates to leadership and stakeholders.Collaboration & Communication: Engage with cross-functional teams including GIS, cloud engineering, mobile development, and enterprise risk. Communicate technical findings and strategic recommendations clearly to both technical and non-technical audiences.Continuous Improvement: Stay current with emerging malware tactics targeting cloud and mobile platforms. Lead initiatives to enhance detection, prevention, and response capabilities.Required QualificationsMinimum of 5 years of experience in malware analysis and incident response with a focus on cloud and/or mobile platforms.Strong understanding of cloud service provider security models (AWS, Azure, GCP).Experience with mobile malware analysis (Android/iOS), including static and dynamic techniques.Familiarity with cloud-native security tools and mobile threat defense platforms.Ability to assess malware threats and extract indicators of compromise (IoCs).Strong documentation and reporting skills.Experience working in large enterprise environments with cross-functional teams.Desired QualificationsExperience with sandbox technologies and virtualized analysis environments.Knowledge of mobile app reverse engineering tools (e.g., JADX, Frida, MobSF).Familiarity with cloud logging and monitoring tools (CloudTrail, Azure Monitor).Experience with SIEM platforms and event correlation.Knowledge of forensic artifacts in cloud and mobile environments.Experience with mobile security products like Lookout, CrowdStrike Mobile.Experience with Microsoft Defender, Microsoft Sentinel, AWS Guard Duty, Google Cloud Security Center.Certifications (Desired but not Required)CCSP, CCSK, GPCS, GMOB, GCIH, GREM, GCFA, GCFE, CISSP, or equivalent.SkillsCybersecurityData privacy and protectionProblem solvingProcess managementThreat analysisAccess and identity managementBusiness acumenInterpret relevant laws, rules, and regulationsRisk analyticsStakeholder managementData governanceData and trend analysisIncident managementInformation systems managementTechnology system assessmentShift: 1st shift (United States of America)Hours per week: 40Seniority level: Mid-Senior levelEmployment type: Full-timeJob function: Accounting/Auditing and FinanceJ-18808-Ljbffr