Senior Cloud Detection Engineer

Description

:

Bank of America is looking for an experienced Cloud Detection Engineer to join our Cyber Security Operations team. The ideal candidate will use their deep knowledge of security controls, tools, features, and operations for AWS to implement and enhance detective capabilities for a fully managed AWS environment. The candidate should be intellectually curious about technology and the evolving threat landscape and willing to actively engage and triage.

This role exists at the intersection of detection engineering and operations and will focus primarily on developing and tuning AWS detections while maintaining close operational alignment with the SOC by providing complex escalation support to ensure detections are effective and actionable. This will include building a detection engineering lifecycle and culture for a SIEM platform covering on-prem and multi-cloud environments while serving as a technical subject matter expert for the AWS environment. The ideal candidate will partner with teams across Global Information Security to design, develop, tune, and maintain detection content to protect the Bank and support the Bank’s information security policies and/or procedures.

Responsibilities

• Design, build, and tune AWS security detections using Splunk
• Reduce false positives and improve alert fidelity
• Partner with cloud and security teams to increase detection coverage
• Translate threat scenarios into actionable detections
• Act as L2 escalation support for complex AWS-related alerts
• Validate and investigate high-risk findings
• Provide feedback and guidance to L1 analysts
• Use real investigations to continuously improve detection logic

Skills and Experience

• Minimum of eight (8) or more years relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles.
• Highly organized and motivated self-starter who can deliver results with minimal direction.
• Experience writing and tuning detections.
• Experience with SIEM tools including Splunk.
• Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within AWS.
• Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
• Experience with a range of AWS native services and tools (i.e. Guard Duty, CloudTrail, Security Hub)
• Understanding of threat frameworks, such as MITRE ATT&CK for Cloud and D3FEND.
• Understanding of Risk Management principles.
• Experience in building, configuring, operating and/or securing cloud infrastructure and applications in AWS with either native cloud service provider capabilities or 3rd party vendor tools.
• Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
• Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
• Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS, NIST, HIPAA, GDPR, PCI DSSS, ISO 270001).
• Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
• Excellent verbal and written communication skills with ability to distill key data points and effectively present information.

Preferable Certifications/Degrees

• CCSP / CCSK
• CISSP / CISM / Security +
• Bachelor’s or Master’s Degree in Computer Science, Information Systems, Cyber Security, or related field.

Skills:

• Influence
• Result Orientation
• Solution Design
• Stakeholder Management
• Technical Strategy Development
• Cyber Security
• Information Systems Management
• Risk Management
• Solution Delivery Process
• Collaboration
• Critical Thinking
• DevOps Practices
• Test Engineering

Shift:

1st shift (United States of America)

Hours Per Week:

40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540)Pay and benefits informationPay range$150,000.00 - $190,700.00 annualized salary, offers to be determined based on experience, education and skill set.Discretionary incentive eligibleThis role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.BenefitsThis role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.