Data Protection Threat Detection Lead jobs at Bank Of America in United States, Chicago

Job Description:

Job Description:

Key Responsibilities:

• Develop and maintain security detection use cases across DLP channels (e.g., endpoint, cloud, network).
• Drive tuning and refinement of detection logic to improve fidelity and reduce false positives.
• Leverage knowledge of proxy architectures and internet connectivity patterns to optimize detection logic, ensure visibility and address evasion techniques.
• Partner with control owners (e.g., DLP, Email, Endpoint) to ensure detection alignment with business risk and policy coverage.
• Design and document automation playbooks to support consistent detection response workflows, ensuring they can be operationalized by the appropriate teams.
• Consult with policy and control owners on new projects and proposed changes to ensure detection coverage remains effective and aligned to data protection requirements.
• Review proposed control changes and new technology integrations to validate they meet detection and monitoring requirements.
• Map detection logic to threat models, including MITRE ATT&CK, and continuously evaluate coverage gaps.
• Collaborate with Response Managers, Threat Intelligence, and Engineering to validate and optimize alerting logic.
• Translate validated adversary behaviors from hunt exercises, threat intelligence, and incident trends into refined detection use cases and tuning strategies.
• Perform targeted detection-focused hunts within DLP channels to validate coverage and identify gaps.
• Review detection health and signal integrity, and lead quality assurance of rule performance.
• Create and maintain runbooks and detection documentation to support SOC operations and audit requirements.
• Provide technical oversight and mentorship to analysts and detection stakeholders across regions.
• Collaborate with audit and risk teams to demonstrate detection control effectiveness and alignment to regulatory expectations.

Core Competencies:

• Strong analytical skills with the ability to identify detection gaps and operational inefficiencies.
• Excellent communication and documentation skills; able to translate technical content for various audiences.
• Proactive, collaborative, and capable of working across global teams.
• Adept at managing competing priorities and leading through influence.

Required Qualifications

• 7+ years of experience in cybersecurity roles with a focus on detection, security operations, or threat response.
• Deep knowledge of SIEM platforms, EDR, DLP, UEBA, and cloud telemetry (e.g., Splunk, CrowdStrike, Symantec, Microsoft Purview, Sentinel, Wiz).
• Experience collaborating with threat hunting or conducting targeted hunts to identify detection gaps and inform use case development
• Familiarity with structured detection logic (EDM, Regex, YARA, Sigma) and signal tuning principles.
• Strong understanding of MITRE ATT&CK and threat-informed defense frameworks.
• Experience in regulated industries (e.g., financial services) preferred.

Skills:

• Cyber Security
• Data Privacy and Protection
• Problem Solving
• Process Management
• Threat Analysis
• Business Acumen
• Data and Trend Analysis
• Interpret Relevant Laws, Rules, and Regulations
• Risk Analytics
• Stakeholder Management
• Access and Identity Management
• Data Governance
• Encryption
• Information Systems Management
• Technology System Assessment

Job Description:

Job Description:

The Information Security Transformation Lead willdrivethe design, integration, and execution of enterprise-wide transformation initiatives to strengthen data protection and data security capabilities within the Data Loss Prevention (DLP) organization. The role spans all DLP channels — endpoint, network, cloud, email, internet, and data at rest — ensuring the program evolves to meet advanced threats, regulatory requirements, and strategic business needs.

This highly technical position demands deep expertise in information security architecture, engineering, and threat detection with a proven track record in implementing modern, scalable, and secure data protection capabilities. The Transformation Lead serves as the strategic and technical lead for DLP transformation, ensuring the DLP organization delivers best-in-class data protection capabilities across all channels.

Key Responsibilities

• Own the DLP transformation roadmap for data protection and data security across all channels, aligning with enterprise information security architecture and DLP strategy.
• Conduct deep technical assessments of DLP and adjacent security capabilities, identifying architecture, tooling, and process gaps.
• Partner with control owners to develop functional and non-functional requirements for new capabilities, ensuring alignment to threat models and compliance requirements.
• Architect and guide the delivery of integrated data protection solutions, incorporating DLP tooling, encryption, cloud-native controls, and internet security capabilities.
• Develop and maintain threat models for data exfiltration and insider threat scenarios, mapping to frameworks such as MITRE ATT&CK.
• Oversee technical design for secure internet traffic inspection, advanced policy enforcement, and automation for faster detection and response.
• Ensure all transformation efforts meet regulatory, audit, and security policy standards (e.g., NIST 800-53, FFIEC, GDPR, CCPA).
• Act as a trusted advisor to GIS, CTO, and enterprise stakeholders on advanced data protection strategies and engineering practices.
• Provide clear executive-level reporting on transformation progress, security posture improvements, and program maturity.

Required Qualifications

• Minimum of 7 years of information security expertise in architecture, engineering, and operations, with focus areas in:
  • DLP across endpoint, network, email, cloud, and data at rest
  • Internet protocols, proxy and gateway security, firewall policy design
  • Cloud security architectures and SaaS data protection
  • Encryption, key management, and secure data handling
• Proven experience integrating data protection solutions with SIEM, SOAR, CASB, EDR/XDR, IAM, and secure web gateways.
• Strong capability in threat modeling and translating results into security architecture changes.
• Understanding of regulatory and industry standards for high-risk data in financial services and other regulated environments.
• Ability to lead technical design reviews and challenge architectural decisions to ensure security-by-design.
• Exceptional relationship management and influence skills across complex, global organizations.

Desired Qualifications

• Security certifications such as CISSP, CCSP, CISM, or GIAC.
• Automation and scripting skills (Python, PowerShell, etc.).
• Experience in AI-assisted anomaly detection for data security.
• Background in financial services or similarly regulated industries.

Skills:

• Cyber Security
• Data Privacy and Protection
• Problem Solving
• Process Management
• Threat Analysis
• Access and Identity Management
• Business Acumen
• Interpret Relevant Laws, Rules, and Regulations
• Risk Analytics
• Stakeholder Management
• Data Governance
• Data and Trend Analysis
• Incident Management
• Information Systems Management
• Technology System Assessment

This job is responsible for defining and leading the engineering approach across end-to-end technology stacks. Key responsibilities include leading teams to deliver design solutions, engaging in development environments to identify and improve performance/capacity issues, and ensuring system design solutions comply with enterprise standards. Job expectations include demonstrating technical expertise within domains, decomposing objectives into work units, advancing efficient solution delivery practices, and promoting exceptional design, engineering and organizational practices.

Service Design & Deliveryengineer oversees delivery of collaboration and productivity solutions at the bank, for example M365 product suite, voice, and video solutions.) The role requires technical knowledge and process expertise to examine what’s needed to introduce or the bank’s collaboration and productivity service. The goal is ensuring programs and/or projects are delivered end-to-end (design, build, operate) with high quality, focus on user experience, proper processes, and required security and compliance controls based on collaboration with bank’s teams.

Responsibilities:

• Ensures that execution aligns with product strategy by working with product management, product owners, and other stakeholders, contributing to the technology strategy for their technical domain
• Mentors and guides Solution Engineer resources and more junior engineers on performance evaluation and validation methods and tools ensuring system design technology solutions comply with enterprise system design and engineering standards
• Participates in solution-driven discussions, such as various Communities of Practice (COPs), contributes to the design of large or highly complex architectural designs, and finds creative solutions through their knowledge of the domain and operational constraints
• Collaborates with Development and Infrastructure teams to understand technical solutions and provide the performance capabilities required in the application across the technology stacks provided by peer Engineering Leads
• Manage overall program execution and program health inclusive of tasks, risks, dependencies, and impediments.
• Accountable for end-to-end plan ensuring delivery by expected date.
• Collaborate with cross-functional teams to identify and prioritize dependent tasks, track open deliverables to closure.
• Engage and support bank and vendor teams to define critical tasks and inter-dependencies needed to deliver.
• Track watch items, issues, and risks with corresponding mitigation plans for disposition before implementation.
• Track user experience testing and document results, if required.
• Manage user migration, communication, and training for programs as required.
• Drive development of service management measures and KPIs as required.
• As needed, document improvement plans over the course of delivery.
• Prepare briefing notes, reports, program updates, and action plans for Senior Management

Required Qualifications:

• Demonstrated experience delivering M365 or Regulated Messaging Services preferred, or equivalent technical projects.
• Ability to work well with other bank team members to deliver on their tasks.
• Strong communication (written and spoken skills).
• Expert organizational skills and analytical skills.
• Effective attention to detail and ability to determine course of action as required.
• Ability to learn bank’s system and tollgates needed to perform role; knowledge of Jira preferred.
• Interact effectively with teams, internal customers, and leadership as needed.
• Handle multiple projects simultaneously.
• Proficiency in Microsoft Office Suite and advanced proficiency with Microsoft Visio
• 7-10 years’ experience working on technology initiatives.
• Bachelor’s degree preferred.

Skills:

• Analytical Thinking
• Collaboration
• Innovative Thinking
• Solution Delivery Process
• Solution Design
• Architecture
• Automation
• Influence
• Risk Management
• Technical Strategy Development
• Adaptability
• Application Development
• Business Acumen
• DevOps Practices
• Production Support

Role Responsibilities

Required Qualifications

• 5+ years of experience in a technical role in the areas of Security Operation, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
• Experience analyzing system, network, and application logging for attack techniques at all stages of the cyber kill chain.
• Direct experience working with very large datasets and log analysis tools including but not limited to: Splunk, Python, Pandas, SQL, Hadoop, Hue.
• Experience consuming and analyzing Cyber Threat Intelligence for actionable takeaways
• Ability to see the larger picture when dealing with competing requirements and needs from across the organization in order to build consensus and drive results.
• Ability to navigate and work effectively across a complex, geographically dispersed organization.

Desired Qualifications

• Experience with more than one or more enterprise scale EDR and SIEM tool.
• Demonstrated ability to self-direct, with minimal supervision to achieve assigned goals.
• Experience with offensive security tools such as Cobalt Strike/Metasploit, techniques such as OSINT, and the methods used to compromise large enterprise networks.
• Previous experience performing digital forensics or indecent response on major security incidents.

Skills:

• Critical Thinking
• Customer and Client Focus
• Information Systems Management
• Problem Solving
• Threat Analysis
• Cyber Security

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Job Description:

Job Description:

This job is responsible for defining and leading the engineering approach for complex features to deliver significant business outcomes. Key responsibilities of the job include delivering complex features and technology, enabling development efficiencies, providing technical thought leadership based on conducting multiple software implementations, and applying both depth and breadth in a number of technical competencies. Additionally, this job is accountable for end-to-end solution design and delivery.

The team has a strong focus Cryptography and promotes enterprise wide adherence to the Cryptography Standard. There are a few key projects in which you would be involved. First, there is the development of the Cryptographic Inventory Platform, which will help to demonstrate adherence to all requirements listed in the standard. Second would be participation in the design and development of the future road map to ensure the bank is prepared for Post Quantum Cryptography.

Key Responsibilities:

• Ensures that the design and engineering approach for complex features are consistent with the larger portfolio solution
• Define the technology tool stack for the solution and evaluate and adapt new testing tool/framework/practices for team(s)
• Enables team(s)/applications with Continuous Integration/Continuous Development (CI/CD) capabilities and engages with other technical stakeholders pertaining to efficient functioning of CI-CD pipeline
• Guides and influences team(s) on design and best practices for high code performance –e.g. pairing, code reviews
• Provides end-to-end delivery of complex features, including automation, for either a single team or multiple teams, at the program level
• Conducts research, design prototyping and other exploration activities such as evaluating new toolsets and components for release management, CI/CD, and features
• Works with stakeholders to establish high-level solution needs and with architects for technical requirements
• Leverage initiative programs and coordinate with product owners to merge technical and business change to enable us to move forward on this journey.
• Design and execute the implementation plans to both move forward strategically, while at the same time ensuring the current technology stack is supporting current needs
• Manage multiple priorities, and simultaneously engage with multiple teams worldwide
• Be vocal and actively participate in all session with business stakeholders and agile teams
• Coach and mentor team members

Required Qualifications:

• 5+ years of experience leading development teams
• Strong hands-on coding ability in C# language with experience working in ASP.NET MVC framework and .NET Core (required)
• Strong hands on experience with JavaScript - specifically Node.js or React.js (required).
• Database experience with SQL Server and other common relational DBs (required)
• Enterprise level software/platform architecture experience, including designing and delivering APIs and leading complex integrations
• An understanding of fundamental algorithms and ability to optimize existing code
• Proficient written and verbal communication skills to support and shape the platform and clearly articulate technical designs and concepts; and to communicate effectively with all levels within the organization
• Self-starter with the ability to challenge conventions; excellent communication skills
• Strong analytical skills which enable ability to problem solve, apply reason, take initiative, use judgment, and perform concurrent tasks
• Relationship building skills
• A team player with strong interpersonal skills, e.g. collaborative working skills
• Follows clean code principles
• Follows Test Driven Development practices including continual integration
• Experience of Scrum/ Agile methods
• Experience with data modeling inclusive of ingesting and storing data

Desired Qualifications:

• Knowledge of Data at rest crypto, i.e - Key Management/Lifecycle
• Strong understanding of key exchange protocols and message authentication codes, along with practical implementation experience
• Familiarity with modern security protocols such as TLS and SSH
• Knowledge of Post Quantum Cryptography and its implications on system security and encryption
• Familiarity with NIST, ISO, PCI-DSS standards
• Knowledge Cloud Service Providers and key protection
• Bachelor’s degree in Computer Science or related technology field or equivalent work experience

Skills:

• Automation
• Influence
• Result Orientation
• Stakeholder Management
• Technical Strategy Development
• Application Development
• Architecture
• Business Acumen
• Risk Management
• Solution Design
• Agile Practices
• Analytical Thinking
• Collaboration
• Data Management
• Solution Delivery Process

Role Responsibilities

Required Qualifications

• 5+ years of experience in a technical role in the areas of Security Operation, Incident Response, Detection Engineering, Offensive Security/Red Team, or Cyber Threat Intelligence.
• Experience analyzing system, network, and application logging for attack techniques at all stages of the cyber kill chain.
• Direct experience working with very large datasets and log analysis tools including but not limited to: Splunk, Python, Pandas, SQL, Hadoop, Hue.
• Experience consuming and analyzing Cyber Threat Intelligence for actionable takeaways
• Ability to see the larger picture when dealing with competing requirements and needs from across the organization in order to build consensus and drive results.
• Ability to navigate and work effectively across a complex, geographically dispersed organization.

Desired Qualifications

• Experience with more than one or more enterprise scale EDR and SIEM tool.
• Demonstrated ability to self-direct, with minimal supervision to achieve assigned goals.
• Experience with offensive security tools such as Cobalt Strike/Metasploit, techniques such as OSINT, and the methods used to compromise large enterprise networks.
• Previous experience performing digital forensics or indecent response on major security incidents.

Skills:

• Critical Thinking
• Customer and Client Focus
• Information Systems Management
• Problem Solving
• Threat Analysis
• Cyber Security

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Job Description:

Job Description:

Primary Level of Engagement: Works at the program level. Can be an individual contributor or manager of talent.

Primary Interactions:

• Product Owner
• Analyst
• Release/Solution Train Engineer
• Delivery Lead
• Architect/Senior Architect
• Senior/Principal Engineer
• Technology/Senior Technology Mgr.
• Product Owner Community of Practice
• GIS Senior Executives

Primary Responsibilities:

• Mentors and provides guidance to team members to foster a collaborative and knowledgeable environment.
• As an expert, create the vision and roadmap for the program based on customer requirements, industry trends, regulations, and the strategic direction for the business or technology domain.
• Provide input into defining business capabilities and aligning them to products or creating new products to support them.
• Articulate the business value to Product Owners so they understand product and strategy; Ensure alignment across product roadmap to achieve portfolio objectives.
• Create and prioritize features/epics in the program backlog; empowered to make decisions about trade-offs with emerging work versus planned work.
• Refine features/epics with the Product Owners to ensure there is enough “ready” work for the upcoming 1-2 quarters.
• Review and accept features/epics and is empowered to make on-the-spot decisions on scope and requirements.
• Work in partnership with the Product Owners and the teams to ensure that optimum value is obtained through technology and through an advanced understanding of the business and industry trends.

Required Qualifications:

• 7+ years of experience at an Enterprise level for IAM, Product Management and/or related field
• Strong understanding of IAM concepts, frameworks, and technologies
• Experience working in agile methodologies and product management matched by a track record of driving successful transformation.
• Exceptional interpersonal skills and a collaborative spirit that enables you to work effectively with stakeholders at all levels, and communicate product vision, strategy, progress and gather feedback to drive capability improvements.
• Strong analytical skills with high attention to detail and accuracy with the ability to use data to communicate change.

How:

• Planful: Thoughtfully setting, proactively managing, and predictably achieving commitments through strategy, process, communication, and delivery.
• Ownership: Acceptance of full responsibility for delivery outcome – “buck stops here” mentality. And collaboratively addressing problems as they arise.
• Connected: Clear orientation and understanding of where you, your team, your work/priorities join with others in a common goal.
• Consistency: Drive toward and adoption of logical, efficient, and sustainable processes and tools to achieve predictable results.
• Accuracy: Achieving business value (as agreed with key stakeholders and control partners) within defined tolerance across measurable parameters (scope, schedule, cost).