Job Description:

Bank of America is looking for a Senior Cloud Security Engineer to join our Global Information Security (GIS) team.

The Cyber Security Operations team in GIS is a true global operations shop with leading edge tools, processes, and people. Bank of America Global Information Security encourages career mobility, and this role will provide the opportunity to be part of a team where development and advancement is actively supported.

The ideal candidate must have deep knowledge of security controls, features, and operations for top Cloud Service Providers with the focus on Microsoft Azure. Candidate should have relevant experience to be able to design, build, and enhance detective capabilities in partnership with a cloud-focused Purple Team. The candidate should be intellectually curious about technology and data, and have a strong desire to find and mitigate risks.

This role will partner with GIS leaders to assist with defining the strategy and roadmaps for technology products, service standards, and governance routines that impact the global organization. You will be partnering with leadership across the Bank to design controls, governance routines, and service alternatives that improve the firm’s defenses. 

You may direct multiple major technology teams within Global Technology that research, engineer, test, implement, communicate, monitor, and maintain solutions supporting the Bank’s information security policies and/or procedures. You will utilize your in-depth knowledge and business requirements to design and engineer secure solutions to meet partner teams’ needs, or to address critical audit findings while protecting the Bank's data assets.

REQUIREMENTS:
• Five (5) or more years relevant Cyber Security experience.
• Experience performing root cause analysis.
• Experience conducting risk and threat assessments.
• Experience using a Security Event and Incident Monitoring (SEIM) solution, such as Sentinel.
• Experience building security alerts based on anomalous data indicators.
• Experience with Azure Log Analytics.
• Experience performing deep-dive analysis of log data to identify threats and vulnerabilities.
• Deep understanding of Cyber Security control environments and their relationship to zero-trust networks.
• Understanding of Identity and Access Management concepts.
• Understanding of SQL, NLQ, and KQL
• Understanding of threat frameworks, such as ATT&CK.
• Understanding of Risk Management principles.
• Understanding of data mining and data analysis techniques.
• Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
• Experience working to understand security operations center functionality, including incident response teams, vulnerability managers, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
• Highly organized and motivated self-starter who can deliver results with minimal direction
• Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
• Excellent verbal and written communication skills with ability to distill key data points and effectively present information.

PREFERRABLE CERTIFICATIONS
• CISSP / CISM / Security

Bachelor’s Degree in Computer Science, Information Systems, Cyber Security, or related field. Preferred

Enterprise Role Overview - Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift:

Hours Per Week: