Bank of America

Cloud SIEM Engineer

Bank of America, Denver, Colorado, United States, 80285


Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Title:

Cloud SIEM Engineer

Key Responsibilities:

Leadership and Development:

Collaborate with and influence a team of talented developers in a collaborative and high-performing work environment. Set and achieve clear objectives, provide clarity and regular feedback, and contribute to performance evaluations to enhance the team's capabilities. Promote professional growth by organizing training sessions and encouraging employees to pursue relevant certifications and industry advancements.

AWS Detection Engineering:

Understand and help drive Detection Engineering efforts in SIEM or SOAR within AWS environments, using technologies such as AWS GuardDuty, AWS CloudWatch, AWS CloudTrail, AWS CloudFront, KMS, AWS Security Hub, CSPM, DSPM, SSPM, and CIEM technologies to help defend the bank's platform and workloads.

SIEM and SOAR Software Solution Architecture and Design:

Collaborate with internal stakeholders to understand security requirements and business goals. Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases.

Development and Implementation:

Provide your expertise to augment the SIEM and SOAR development teams in coding, testing, and deploying custom applications that enhance the capability to detect advanced threats.

Security Incident Management:

Develop and refine strategies for proactive threat detection, incident identification, and efficient response and remediation.

Performance Optimization and Scalability:

Continuously monitor the performance of the SIEM and SOAR systems and identify areas for optimization and enhancement.

Compliance and Policy:

Ensure adherence to industry standards, regulatory requirements, and internal security policies in all aspects of SIEM development and operation.

Research and Innovation:

Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to SIEM and SOAR development and security operations.

Minimum Requirements:

- 3+ years of proven experience in SIEM and security operations (e.g., Splunk ES, Anvilogic, Palo Alto Cortex, CrowdStrike, MS Sentinel, Google Chronicle).
- 3+ years of experience with Splunk; certifications preferred.
- 3+ years of experience with detection and response-based security controls in at least one public cloud environment (e.g., AWS, GCP, Azure).
- Understanding of Threat Modeling and Detection Engineering best practices.
- Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms.
- Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies.
- Strong leadership abilities, with experience in influencing technical teams and driving successful outcomes.
- Excellent problem-solving skills, an analytical mindset, and a proactive approach to addressing security challenges.
- Experience with Infrastructure as Code (CDK, CloudFormation, Terraform).
- Experience with Git-based source code management.
- Experience in Agile teams.
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field, or equivalent experience.

Skills:

- Influence
- Result Orientation
- Solution Design
- Stakeholder Management
- Technical Strategy Development
- Access and Identity Management
- Critical Thinking
- Cyber Security
- Information Systems Management
- Risk Management
- Collaboration
- DevOps Practices
- Financial Management
- Solution Delivery Process
- Test Engineering

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

1st shift (United States of America)

Hours Per Week:

40
