Network Security Assurance & Remediation Engineer

Network Security Assurance & Remediation Engineer

Charlotte, North Carolina;Chicago, Illinois; Denver, Colorado

Job Description:

The Cyber Security Assurance (CSA) Organization is responsible for providing an uncompromised technology and application environment for employees, customers, clients, and shareholders through continuous and comprehensive cyber security testing. CSA consists of multiple broader teams which focus on various technologies, platforms, and stakeholders.

As a Network Security Assurance and Remediation Engineer, you will join a dynamic team of experienced security professionals whom build and manage controls for automated engineering assessments as well as dynamic traffic anomaly detection

The right candidate will be knowledgeable with network-based controls' (e.g., firewalls, routers) architecture and engineering as well as have working knowledge of vulnerabilities and threat actors Tactics, techniques and Procedures. The right candidate will be able to effectively communicate to senior Leaders and non-technical stakeholders.

What you will do

• Build traffic-based controls via the Splunk Search App

• Build and maintain Engineering Compliance checks with the Skybox Security Suite

• Review and decision (Approve/Deny) Firewall/Router engineering requests.

• Review of engineering implementations for Golden Configuration drift and/or Information Security Policy violations

• Respond to and Investigate Security events and incidents via Network Security/Management tools and other Systems of Record

• Respond to and Investigate automated Alerts and drive towards issue closure.

• Partner with DevSecOps team to automate manual processes and strive towards Continuous Improvement

Required Skills

• 7 to 10 years Network/Firewall Engineering Experience

• Advanced Knowledge and Ability in Splunk Search App Query development, Dashboard creation and Alert generation

• Network (Router & Switch) engineering experience

• Working knowledge of Enterprise-grade Firewall Architecture and Engineering best practices

• Conceptual understanding of the MITRE ATT&CK Framework

Desired Skills

• UNIX Management (i.e., Red Hat, CentOS) Experience (a strong plus)

• Skybox Management & Compliance Check creation and maintenance

• Experience developing Regular Expressions

• Network Web and App Proxy (i.e., BlueCoat, Palo Alto) Management experience

• Solid programming/debugging skills with proficiency in one or more of the following: Java, JavaScript, HTML, XML, PHP, ASP.NET, AJAX, JSON

• Strong scripting skills (e.g., Python, Perl, Shell script, JavaScript)

• Knowledge of a Structured Query Language (SQL)

Competencies

• Ability and willingness to respond to off-hour engagements.

• Exemplary communication (written & verbal) skills to interact with Senior Leaders and non-technical stakeholders.

• Ability to perceive configuration flaws from a threat actor's point of view.

• Ability to work both independently, and as part of a team, in a very large scale, on an enterprise setting.

• Intellectually curious

• Ability to learn and apply critical thinking to a variety of situations.

Enterprise Role Overview - Analyzes, improves, implements, and executes security controls proactively to prevent external threat actors from infiltrating company information or systems. Researches more advanced and complex attempts/efforts to compromise security protocols. Maintains or reviews security systems, assesses security policies that control access to systems, and provides regular status updates to the management team. Typically has 5-10 years of relevant experience and will act as an individual contributor.

Shift:

1st shift (United States of America)

Hours Per Week:

40

Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity and affirmative action, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

To view the "EEO is the Law" poster, CLICK HERE (~~~) .

To view the "EEO is the Law" Supplement, CLICK HERE (~~~) .

Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

To view Bank of America's Drug-free workplace and alcohol policy, CLICK HERE .