Senior Cybersecurity Engineer - Cloud Field Engineering
Company: Disability Solutions
Location: Denver
Posted on: November 14, 2024
Job Description:
Job Description:At Bank of America, we are guided by a common
purpose to help make financial lives better through the power of
every connection. Responsible Growth is how we run our company and
how we deliver for our clients, teammates, communities and
shareholders every day.One of the keys to driving Responsible
Growth is being a great place to work for our teammates around the
world. We're devoted to being a diverse and inclusive workplace for
everyone. We hire individuals with a broad range of backgrounds and
experiences and invest heavily in our teammates and their families
by offering competitive benefits to support their physical,
emotional, and financial well-being.Bank of America believes both
in the importance of working together and offering flexibility to
our employees. We use a multi-faceted approach for flexibility,
depending on the various roles in our organization.Working at Bank
of America will give you a great career with opportunities to
learn, grow and make an impact, along with the power to make a
difference. Join us!Job Description:Come join an exciting team
within Global Information Security (GIS). Cyber Security Technology
(CST) is a globally distributed team responsible for cyber security
innovation, architecture, engineering, solutions and capabilities
development, cyber resiliency, access management engineering, data
strategy, deployment maintenance, technical project management and
information technology security control support.We are seeking a
highly skilled and experienced Senior Cybersecurity Engineer to
join our team. In this role, you will be responsible for
integrating security controls as code within our cloud platforms.
You will work closely with cross-functional teams, including
DevOps, software engineering, and IT operations, to design,
implement, and maintain robust security solutions that protect our
cloud infrastructure from emerging threats.Key
Responsibilities:
- Threat Modeling & Risk Assessment: Conduct threat modeling and
risk assessments to identify potential vulnerabilities in cloud
environments and develop strategies to mitigate these risks.
- Design & Implementation: Develop and integrate security
controls as code across multiple cloud platforms (e.g., AWS, Azure,
GCP) to ensure the security and compliance of cloud
infrastructure.
- Build Controls: Automate security processes and controls,
leveraging Infrastructure as Code (IaC) tools (e.g., Terraform) to
embed security at every stage of the cloud lifecycle.
- Delivery Controls: Create rules scanning of Infrastructure as
Code at deployment to prevent non-Compliant code from creating
Cloud Resources.
- Runtime Controls: Automate the detection and remediation of
Non-Compliant Cloud Resources moving them back to a known good
state without the need for human interaction.
- Compliance & Governance: Demonstrate that our cloud
environments comply with internal control requirements and
regulatory obligations, with robust reporting and dashboards.
- Advocacy: Communicate the possibilities the Cloud Provides for
Cybersecurity vision and roadmap to stakeholders and the team and
drive user adoption.
- Collaboration: Work closely with DevOps, engineering, and IT
teams to integrate security best practices into CI/CD pipelines,
ensuring secure and efficient deployment processes.
- Documentation: Maintain comprehensive documentation of security
controls, policies, and procedures for cloud
environments.Experience & Qualifications:
- Experience: Significant experience in cybersecurity across
multiple domains, with a strong focus on cloud security and
integrating controls as code.
- Technical Expertise: Deep knowledge of cloud platforms (AWS,
Azure, GCP) and significant experience building and operating
cloud-native security tools and services.
- Programming & Scripting: Proficiency in programming and
scripting languages (e.g., Python, Go, Shell) used for automation
and security integration.
- Infrastructure as Code (IaC): Significant Hands-on experience
building Cloud Services with IaC tools such as Terraform,
CloudFormation, or similar.
- Security Frameworks: Familiarity with security frameworks and
standards (e.g., NIST, CIS, ISO) and their application in cloud
environments.
- DevSecOps: Strong understanding of DevSecOps principles and
experience integrating security into CI/CD pipelines and
operational processes.
- Problem-Solving: Excellent problem-solving skills, with the
ability to think critically and adapt to new challenges and
communicate insights in simple terms.
- Communication: Strong written and verbal communication skills,
with the ability influence at all levels by explain complex
security concepts to non-technical stakeholders.
- Certifications: Relevant certifications such as CISSP, CCSP,
AWS Solutions Architect; AWS Security Specialty AWS Certified
Security; Azure Developer Associate & Azure Security Engineer
AssociateSkills:
- Planful: Thoughtfully setting, proactively managing, and
predictably achieving commitments through strategy, process,
communication, and delivery.
- Ownership: Acceptance of full responsibility for delivery
outcome - "buck stops here" mentality. And collaboratively
addressing problems as they arise.
- Connected: Clear orientation and understanding of where you,
your team, your work/priorities join with others in a common
goal.
- Consistency: Drive toward and adoption of logical, efficient,
and sustainable processes and tools to achieve predictable
results.
- Accuracy: Achieving business value (as agreed with key
stakeholders and control partners) within defined tolerance across
measurable parameters (scope, schedule, cost).
- Influence
- Result Orientation
- Solution Design
- Stakeholder ManagementThis job will be open and accepting
applications for a minimum of seven days from the date it was
posted.Shift:1st shift (United States of America)Hours Per Week:
40Pay Transparency detailsUS - CO - Denver - 1144 15th St - Denver
Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street
NW (DC1842), US - WA - Seattle - 401 Union St - Rainier Square
(WA1510)Pay and benefits informationPay range$147,700.00 -
$190,000.00 annualized salary, offers to be determined based on
experience, education and skill set.Discretionary incentive
eligibleThis role is eligible to participate in the annual
discretionary plan. Employees are eligible for an annual
discretionary award based on their overall individual performance
results and behaviors, the performance and contributions of their
line of business and/or group; and the overall success of the
Company.BenefitsThis role is currently benefits eligible. We
provide industry-leading benefits, access to paid time off,
resources and support to our employees so they can make a genuine
impact and contribute to the sustainable growth of our business and
the communities we serve.
Keywords: Disability Solutions, Castle Rock , Senior Cybersecurity Engineer - Cloud Field Engineering, Engineering , Denver, Colorado
Didn't find what you're looking for? Search again!
Loading more jobs...