Senior Cloud Detection Engineer

Bank of America is looking for an experienced Cloud Detection Engineer to join our Cyber Security Operations team. The ideal candidate will use their deep knowledge of security controls, tools, features, and operations for AWS to implement and enhance detective capabilities for a fully managed AWS environment. The candidate should be intellectually curious about technology and the evolving threat landscape and willing to actively engage and triage.

This role exists at the intersection of detection engineering and operations and will focus primarily on developing and tuning AWS detections while maintaining close operational alignment with the SOC by providing complex escalation support to ensure detections are effective and actionable. This will include building a detection engineering lifecycle and culture for a SIEM platform covering on-prem and multi-cloud environments while serving as a technical subject matter expert for the AWS environment. The ideal candidate will partner with teams across Global Information Security to design, develop, tune, and maintain detection content to protect the Bank and support the Bank's information security policies and/or procedures.

Responsibilities

• Design, build, and tune AWS security detections using Splunk
• Reduce false positives and improve alert fidelity
• Partner with cloud and security teams to increase detection coverage
• Translate threat scenarios into actionable detections
• Act as L2 escalation support for complex AWS-related alerts
• Validate and investigate high-risk findings
• Provide feedback and guidance to L1 analysts
• Use real investigations to continuously improve detection logic, Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

View your "Know your Rights (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12.pdf) " poster.

View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf) .

• Minimum of eight (8) or more years relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles.
• Highly organized and motivated self-starter who can deliver results with minimal direction.
• Experience writing and tuning detections.
• Experience with SIEM tools including Splunk.
• Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within AWS.
• Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
• Experience with a range of AWS native services and tools (i.e. Guard Duty, CloudTrail, Security Hub)
• Understanding of threat frameworks, such as MITRE ATT&CK for Cloud and D3FEND.
• Understanding of Risk Management principles.
• Experience in building, configuring, operating and/or securing cloud infrastructure and applications in AWS with either native cloud service provider capabilities or 3rd party vendor tools.
• Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
• Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
• Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS, NIST, HIPAA, GDPR, PCI DSSS, ISO 270001).
• Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
• Excellent verbal and written communication skills with ability to distill key data points and effectively present information.

Preferable Certifications/Degrees

• CCSP / CCSK
• CISSP / CISM / Security + Bachelor's or Master's Degree in Computer Science, Information Systems, Cyber Security, or related field.

Skills:

• Influence
• Result Orientation
• Solution Design
• Stakeholder Management
• Technical Strategy Development
• Cyber Security
• Information Systems Management
• Risk Management
• Solution Delivery Process
• Collaboration
• Critical Thinking
• DevOps Practices
• Test Engineering

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!, Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.