Denver, Colorado

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

We are looking for experienced Cloud DevSecOps Engineers to join our Global Information Security (GIS) Cloud Defense Group. This role will report to the Head of Cloud Defense CI/CD Security Engineering, and is critical to our Cloud Application Security strategy. This role will be responsible for working closely with DevOps Engineering to ensure that the Bank's Cloud Application pipelines have the appropriate controls and supporting technologies. The Cloud DevSecOps Engineer will work together with our Enterprise Architecture, GIS Cloud Architecture, Cloud IAM and other groups to ensure that the solutions we deliver meet the needs of the business. Responsibilities for the role include:
  • Perform product design activities as required
  • Perform gap analysis of CI/CD pipeline security for applications being deployed to public Cloud
  • Develop and agree roadmaps for controls and supporting technologies
  • Ensure that code adheres to strict standards for accessibility, security and sustainability
  • Collaborate across a multi-functional organization to drive automated code scanning and security testing
  • Actively participate in requirements, architecture reviews, and design meetings

Required skills:
  • CI/CD pipeline construction and security
  • Some experience as a developer in e.g. Java, Python, Go
  • Some experience with Agile development practices and test-driven development
  • Deep understanding of application security and relevant controls
  • Deep understanding of Cloud Application deployment models and relevant controls
  • Experience with Container technologies ( Docker, Kubernetes, Openshift)
  • AWS, Azure, IBM Cloud and/or Google APIs experience
  • Experience using threat modelling methodologies and tools
  • Experience with configuration management and automation tools such as Ansible, Puppet, Terraform, CloudFormation, Salt

Nice to have:
  • Experience of Linux\UNIX system administration
  • Deep knowledge of web protocols, multiple operating systems, hypervisors and distributed systems architecture
  • Experience with GitHub, GitHub actions
  • Experience with microservices architectures
  • Experience with Policy as Code implementations as part of a CI/CD pipeline
  • Cloud provider certification (e.g. AWS Certified Developer, AWS Certified Architect)
  • Security-specific certifications (e.g. CEH)
  • Experience with architecting software solutions

We're looking for people who are passionate about cloud and application security technologies, and about using them to solve interesting business problems for our customers. If you're collaborative, technical, and enjoy working on big challenges, we think you'll enjoy working with us.

Job Band:
H5

Shift:
1st shift (United States of America)

Hours Per Week:
40

Weekly Schedule:

Referral Bonus Amount:
0
--> Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

We are looking for experienced Cloud DevSecOps Engineers to join our Global Information Security (GIS) Cloud Defense Group. This role will report to the Head of Cloud Defense CI/CD Security Engineering, and is critical to our Cloud Application Security strategy. This role will be responsible for working closely with DevOps Engineering to ensure that the Bank's Cloud Application pipelines have the appropriate controls and supporting technologies. The Cloud DevSecOps Engineer will work together with our Enterprise Architecture, GIS Cloud Architecture, Cloud IAM and other groups to ensure that the solutions we deliver meet the needs of the business. Responsibilities for the role include:
  • Perform product design activities as required
  • Perform gap analysis of CI/CD pipeline security for applications being deployed to public Cloud
  • Develop and agree roadmaps for controls and supporting technologies
  • Ensure that code adheres to strict standards for accessibility, security and sustainability
  • Collaborate across a multi-functional organization to drive automated code scanning and security testing
  • Actively participate in requirements, architecture reviews, and design meetings

Required skills:
  • CI/CD pipeline construction and security
  • Some experience as a developer in e.g. Java, Python, Go
  • Some experience with Agile development practices and test-driven development
  • Deep understanding of application security and relevant controls
  • Deep understanding of Cloud Application deployment models and relevant controls
  • Experience with Container technologies ( Docker, Kubernetes, Openshift)
  • AWS, Azure, IBM Cloud and/or Google APIs experience
  • Experience using threat modelling methodologies and tools
  • Experience with configuration management and automation tools such as Ansible, Puppet, Terraform, CloudFormation, Salt

Nice to have:
  • Experience of Linux\UNIX system administration
  • Deep knowledge of web protocols, multiple operating systems, hypervisors and distributed systems architecture
  • Experience with GitHub, GitHub actions
  • Experience with microservices architectures
  • Experience with Policy as Code implementations as part of a CI/CD pipeline
  • Cloud provider certification (e.g. AWS Certified Developer, AWS Certified Architect)
  • Security-specific certifications (e.g. CEH)
  • Experience with architecting software solutions

We're looking for people who are passionate about cloud and application security technologies, and about using them to solve interesting business problems for our customers. If you're collaborative, technical, and enjoy working on big challenges, we think you'll enjoy working with us.

Job Band:
H5

Shift:
1st shift (United States of America)

Hours Per Week:
40

Weekly Schedule:

Referral Bonus Amount:
0
Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Defense (CSD) function within Global Information Security is responsible for all aspects of threat intelligence and monitoring, application and network security, and insider threat. In addition, the CSD team drives out the enterprise-wide cyber exercise program.

We are looking for experienced Cloud DevSecOps Engineers to join our Global Information Security (GIS) Cloud Defense Group. This role will report to the Head of Cloud Defense CI/CD Security Engineering, and is critical to our Cloud Application Security strategy. This role will be responsible for working closely with DevOps Engineering to ensure that the Bank's Cloud Application pipelines have the appropriate controls and supporting technologies. The Cloud DevSecOps Engineer will work together with our Enterprise Architecture, GIS Cloud Architecture, Cloud IAM and other groups to ensure that the solutions we deliver meet the needs of the business. Responsibilities for the role include:
  • Perform product design activities as required
  • Perform gap analysis of CI/CD pipeline security for applications being deployed to public Cloud
  • Develop and agree roadmaps for controls and supporting technologies
  • Ensure that code adheres to strict standards for accessibility, security and sustainability
  • Collaborate across a multi-functional organization to drive automated code scanning and security testing
  • Actively participate in requirements, architecture reviews, and design meetings

Required skills:
  • CI/CD pipeline construction and security
  • Some experience as a developer in e.g. Java, Python, Go
  • Some experience with Agile development practices and test-driven development
  • Deep understanding of application security and relevant controls
  • Deep understanding of Cloud Application deployment models and relevant controls
  • Experience with Container technologies ( Docker, Kubernetes, Openshift)
  • AWS, Azure, IBM Cloud and/or Google APIs experience
  • Experience using threat modelling methodologies and tools
  • Experience with configuration management and automation tools such as Ansible, Puppet, Terraform, CloudFormation, Salt

Nice to have:
  • Experience of Linux\UNIX system administration
  • Deep knowledge of web protocols, multiple operating systems, hypervisors and distributed systems architecture
  • Experience with GitHub, GitHub actions
  • Experience with microservices architectures
  • Experience with Policy as Code implementations as part of a CI/CD pipeline
  • Cloud provider certification (e.g. AWS Certified Developer, AWS Certified Architect)
  • Security-specific certifications (e.g. CEH)
  • Experience with architecting software solutions

We're looking for people who are passionate about cloud and application security technologies, and about using them to solve interesting business problems for our customers. If you're collaborative, technical, and enjoy working on big challenges, we think you'll enjoy working with us.

Shift:
1st shift (United States of America)

Hours Per Week:
40
Learn more about this role

Denver, Colorado

You’ve led troops, now help lead your community 

As a leader in the military, you motivated troops to get the job done. We value your ability to influence change and encourage you to continue that influence here and in our communities. Our Military Affairs Team proudly supports veterans in our communities through education and volunteer events. Together, we can create better communities and a brighter future for us all. 

First you fought for the American dream, now you can guide its future

You joined the military to protect a nation and its people. Let the same passion for making a difference lead you to a new career. At Bank of America, we’re proud that more than 6,800 veterans work for us. They’ve discovered that their desire to help others didn’t end with their service. Here, you’ll help our customers and clients connect to better financial lives.