Senior Cloud Security Engineer - AWS
Denver
Bank of America
What would you like the power to do? For you and your family, your business and your community. At Bank of America, our purpose is to help make financial lives better through the power of every connection.Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Position Summary
Bank of America is looking for an experienced Senior Cloud Security Engineer to join our AWS Cloud Security Operations team. The ideal candidate must have deep knowledge of security controls, tools, features, and operations for AWS. Candidate should be able to demonstrate relevant experience with implementing and enhancing visibility and detective capabilities in a fully managed AWS environment. The candidate should be intellectually curious about technology and have a strong desire to find and mitigate risks.
This role will help to build a continuous improvement process as part of the AWS Cloud Security Operations team. It will partner across GIS to identify, escalate, and drive corrective actions related to lack of visibility or monitoring within the Azure environments. You may lead cross functional teams within Global Technology that research, engineer, test, implement, communicate, monitor, and maintain solutions supporting the Bank’s information security policies and/or procedures. You will utilize your in-depth knowledge and business requirements to design and engineer secure solutions to meet partner teams’ needs, or to address critical audit findings while protecting the Bank's cloud assets.
Qualifications:
- Eight (8) or more years relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles.
- Highly organized and motivated self-starter who can deliver results with minimal direction.
- Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within AWS.
- Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
- Experience with a range of AWS native services and tools.
- Experience writing and modifying Analytic Rules.
- Experience designing and implementing SOAR capabilities within AWS.
- Deep understanding of AWS.
- Deep understanding of Cyber Security control environments and their relationship to zero-trust networks.
- Understanding of threat frameworks, such as MITRE ATT&CK for Cloud and D3FEND.
- Understanding of Risk Management principles.
- Deep experience in building, configuring, operating and/or securing cloud infrastructure and applications in Azure with either native cloud service provider capabilities or 3rd party vendor tools.
- Proven ability to leverage AWS native capabilities to build custom reports and dashboards.
- Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
- Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
- Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS, NIST, HIPAA, GDPR, PCI DSSS, ISO 270001).
- Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
- Excellent verbal and written communication skills with ability to distill key data points and effectively present information.
Desired:
- Bachelor’s or Master’s Degree in Computer Science, Information Systems, Cyber Security, or related field.
- Experience with deployment orchestration systems such as Kubernetes, ECS, and Elastic Beanstalk
- Experience working with CI/CD tools such as CircleCI or Jenkins
- Experience with Docker and Docker-Compose
- Experience with configuration management and automation tools (e.g., Puppet, Ansible, Chef, CloudFormation, SaltStack, Terraform)
- Linux system administration experience
- Programming experience in at least one language (python, node, java, go, c/c++, ruby)
- Experience with logging and monitoring tools such as ELK, DataDog or NewRelic, LogEntries, SumoLogic, etc.
Preferable Certifications
- AZ-500
- SC-200
- CCSP / CCSK
- CISSP / CISM / Security +
- Network +
Shift:
1st shift (United States of America)Hours Per Week:
40* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Ansible Automation AWS Azure C CCSK CCSP CI/CD CircleCI CISM CISSP Cloud Computer Science Docker ELK GDPR HIPAA Incident response Java Jenkins Kubernetes Linux MITRE ATT&CK Monitoring NIST Puppet Python Risk management Ruby SOAR SOC Terraform Threat intelligence Vulnerabilities
Perks/benefits: Career development
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Security Operations Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cybersecurity Consultant jobs
- Open Senior Network Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information Security Architect jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs