Job Description:
About us
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Global Business Services
Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations.
Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence and innovation.
In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services.
Process Overview
The Global Information Security (GIS) is responsible for protecting Bank information systems, confidential and proprietary data, and customer information. Cyber Security Technology (CST) function under GIS is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support. Teammates in this role deliver moderately complex tools and systems that mitigate the risk of malicious cyber-attacks.
Individuals in this role contribute to the protection of system boundaries, keeping computer systems and network devices hardened against attacks and secure sensitive data. It is important that those in this role actively create and nurture partnerships with peer teams and identify opportunities for cross-team collaboration. Individuals in this role operate within a structured environment with some oversight but are eager to take initiative and tackle complex problems within one or more security engineering domains. This role may mentor one or more junior team members.
Job Description
Bank of America is seeking a highly motivated engineer to join our Global Information Security Cloud Security team. Candidate should be working as a contributing member in an agile service team focused on Cloud automations and Policy-as-code development, taking a key role in Deployments, participating in cloud security solution architecture and design and in tasks related to development lifecycle activities.
Responsibilities
You will be an individual contributor responsible for researching, implementing, and supporting complex IT engineering tasks as a part of an agile Engineering for GIS Cloud Security department. Your tasks will include:
Identify, define, document, and implement security system requirements for AWS and Azure.
Develop and execute test plans and produce quantitative results.
Leverage broad knowledge of information security technologies, techniques, processes, and prepare to grow that knowledge within one or more security engineering domains.
Drive complex technical information security projects to ensure on-time delivery.
Identify and raise risks or potential vulnerabilities at all stages of the security- engineering process.
Think outside the box to develop multiple solutions to complex problems.
Work closely with a diverse set of stakeholders with varying priorities to debate and negotiate paths forward.
Contribute to existing test suites (integration, regression, and performance), analyze test reports, identify any test issues/errors, and triage the underlying cause.
Document and communicate required information for deployment, maintenance, support, and business functionality.
Identify gaps in information security standards adherence and work with appropriate partners to develop plans to close gaps.
Must have a troubleshooting/problem solving mindset.
Requirements
Education : B.E. / B. Tech/M.E. /M. Tech/B.Sc./M.Sc./BCA/MCA (prefer IT/CS specialization)
Certifications If Any : cloud Certifications (CCSP, AWS Security Specialty, Azure Security)
Experience Range : 5+ Years
Foundational skills
Broad knowledge of information cloud security technologies, techniques and processes and excitement to grow that knowledge within one or more security-engineering domains.
Experience with Python, PowerShell or Go is a must.
Experience in public cloud services in AWS / Azure / GCP is required.
Experience with policy as code frameworks such as OPA or Hashicorp Sentinel, CSPM, cloud/SaaS security management is helpful.
Experience in Wiz preferred
A good understanding of Cloud security services such as AWS SCP, AWS SecurityHub, AWS Config, EventBridge, SSM, Azure Policy, Microsoft Defender is a plus.
Experience at a financial institution is a plus.
Ability to communicate (verbal and written) across all levels of the organization, from technical experts to senior executives. Comfortable working with distributed team members using video conferencing, instant messaging, telephone calls, etc.
Strong attention to detail, confident enough to raise questions and identify issues.
Enjoys trouble shooting and puzzle solving.
Understanding of Agile projects, roles, and development support
Detail oriented work ethic.
Strong written \& verbal skills combined with a passion for collaboration and teamwork.
Desired skills
Good understanding of Change and Incident Management processes
Experience in integrating security tools and services in CI/CD pipelines
Aptitude to independently learn new technologies.
Be able to run and bring to completion multiple competing projects
Work Timings
12:30 PM to 9.30 PM IST
Job Location
Hyderabad; Chennai