
Senior Cloud Detection Engineer
Bank of America
full-time
Location Type: Hybrid
Location: Denver • Colorado • Illinois • United States
Salary
💰 $150,000 - $190,700 per year
About the role
- At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
- The ideal candidate will use their deep knowledge of security controls, tools, features, and operations for AWS to implement and enhance detective capabilities for a fully managed AWS environment.
- This role exists at the intersection of detection engineering and operations and will focus primarily on developing and tuning AWS detections while maintaining close operational alignment with the SOC by providing complex escalation support to ensure detections are effective and actionable.
- This will include building a detection engineering lifecycle and culture for a SIEM platform covering on-prem and multi-cloud environments while serving as a technical subject matter expert for the AWS environment.
- The ideal candidate will partner with teams across Global Information Security to design, develop, tune, and maintain detection content to protect the Bank and support the Bank’s information security policies and/or procedures.
Requirements
- Minimum of eight (8) years of relevant Cyber Security experience, with at least five (5) years in Cloud SOC and/or Purple Team roles.
- Highly organized and motivated self-starter who can deliver results with minimal direction.
- Experience writing and tuning detections.
- Experience with SIEM tools including Splunk.
- Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within AWS.
- Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
- Experience with a range of AWS native services and tools (e.g. GuardDuty, CloudTrail, Security Hub).
- Understanding of threat frameworks, such as MITRE ATT&CK for Cloud and D3FEND.
- Understanding of Risk Management principles.
- Experience in building, configuring, operating and/or securing cloud infrastructure and applications in AWS with either native cloud service provider capabilities or 3rd party vendor tools.
- Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
- Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
- Familiarity with common Information Security and data protection frameworks and standards (e.g. CIS, NIST, HIPAA, GDPR, PCI DSS, ISO 27001).
- Excellent verbal and written communication skills with ability to distill key data points and effectively present information.
Benefits
- This role is currently benefits eligible.
- We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
Cyber Security, Cloud SOC, Purple Team, detection engineering, tuning detections, SIEM, AWS, threat assessment, risk management, cloud infrastructure
Soft skills
highly organized, motivated self-starter, ability to deliver results, independent risk assessment, suggesting improvements, communication skills, presentation skills