Logo
Bank of America

Senior Cloud Security Engineer - Detection Engineering/AWS

Bank of America, Addison, Texas, United States, 75001


Senior Cloud Security Engineer - Detection Engineering/AWS

Denver, Colorado;Addison, Texas

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Position Summary

Bank of America is looking for an experienced Senior Cloud Security Engineer to join our Cyber Security Operations team. The ideal candidate must have deep knowledge of security controls, tools, features, and operations for AWS. Candidate should be able to demonstrate relevant experience with implementing and enhancing detective capabilities in a fully managed AWS environment. The candidate should be intellectually curious about technology and the evolving threat landscape.

This role will help to build a detection engineering process and culture for a SIEM platform covering on-prem and multi-cloud environments while serving as a technical subject matter expert for the AWS environment. It will partner with teams across Global Information Security to design, develop, tune, and maintain detection content to protect the Bank and support the Bank’s information security policies and/or procedures.

Qualifications:

Eight (8) or more years relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles.

Highly organized and motivated self-starter who can deliver results with minimal direction.

Experience writing and tuning detections.

Experience with SIEM tools.

Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within AWS.

Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.

Experience with a range of AWS native services and tools (i.e. Guard Duty, Security Hub)

Understanding of threat frameworks, such as MITRE ATT&CK for Cloud and D3FEND.

Understanding of Risk Management principles.

Experience in building, configuring, operating and/or securing cloud infrastructure and applications in AWS with either native cloud service provider capabilities or 3rd party vendor tools.

Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.

Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.

Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS, NIST, HIPAA, GDPR, PCI DSSS, ISO 270001).

Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.

Excellent verbal and written communication skills with ability to distill key data points and effectively present information.

Desired

Bachelor’s or Master’s Degree in Computer Science, Information Systems, Cyber Security, or related field.

Preferable Certifications

CCSP/CCSK

CISSP/CISM/Security Enterprise Role Overview:

This job is responsible for leading multiple security engineering efforts that deliver enterprise security capabilities. Key responsibilities include serving as a subject matter expert of security technology and acting as the critical decision maker with regards to technical design and implementation for respective security initiatives. Job expectations include assigning tasks and providing direction to team members, owning tactical decisions, and fostering relationships with clients and stakeholders.

Shift:

1st shift (United States of America)

Hours Per Week:

40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926)

Pay and benefits information

Pay range

$147,700.00 - $190,000.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity and affirmative action, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

To view the "EEO is the Law" poster, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) .

To view the "EEO is the Law" Supplement, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf) .

Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

To view Bank of America’s Drug-free Workplace and Alcohol Policy, CLICK HERE .

This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.