Senior .net Software Engineer - Vulnerability Management jobs at Bank Of America in United States, Chicago

Job Description:

Job Description:

We are seeking a highly skilled and experienced Senior Security Automation Engineer to lead the design, implementation, and optimization of security automation workflows using the Tines platform. This role requires deep technical expertise in security orchestration, cloud architecture, and API integrations, as well as experience working closely with Security Operations Centers (SOC), Incident Response (IR) teams, and cross-functional stakeholders. The ideal candidate will bring a strong security engineering background, hands-on experience with modern automation platforms, and a strategic mindset to drive scalable and secure automation initiatives.

Key Responsibilities
• Architect, implement, and maintain advanced automation workflows using Tines.
• Collaborate with SOC and IR teams to identify high-impact use cases for automation.
• Integrate Tines with enterprise systems including EDR, SIEM, threat intelligence platforms, and cloud services.
• Lead secure integration of Tines with SSO, credential vaults, and external repositories.
• Design and configure secure connectivity solutions (e.g., Cloudflare tunnels, VPNs) for hybrid environments.
• Develop and maintain orchestration stories across platforms such as:
• CrowdStrike, Tanium, Splunk, Anvilogic, ThreatQ, AWS, and Azure.
• Write, test, and debug Python-based automation logic.
• Analyze Tines logs and metrics to optimize performance and reliability.
• Create and maintain technical documentation, runbooks, and architectural diagrams.
• Engage with stakeholders across security, infrastructure, and application teams to gather requirements and align automation efforts with business goals.
• Ensure all automation workflows adhere to enterprise security policies and change management processes.

Minimum Years of Experience 8

Required Qualifications
• 8+ years of experience in cybersecurity, with at least 3+ years in a security automation or engineering role.
• Proven experience working with SOC and/or Incident Response teams to operationalize automation.
• Hands-on experience with Tines or similar SOAR platforms (e.g., Splunk SOAR, Palo Alto XSOAR).
• Strong programming skills in Python; experience with Git and CI/CD pipelines.
• Deep understanding of REST APIs, webhooks, and secure API integrations.
• Experience with cloud platforms (AWS, Azure, or GCP), including automation and security architecture.
• Familiarity with AI/ML integrations (e.g., AWS Bedrock, OpenAI APIs) is a plus.
• Experience configuring secure tunnels (e.g., Cloudflare, SSH, VPN) for hybrid environments.
• Strong knowledge of security frameworks and best practices (e.g., NIST, MITRE ATT&CK).
• Excellent communication skills and ability to translate technical concepts for non-technical stakeholders.
• Experience with Agile/Scrum methodologies and tools like Jira and Confluence.

Desired Qualifications
• CISSP, GIAC, or equivalent security certification.
• Tines certifications (both entry-level and advanced preferred).
• AWS Certified Security – Specialty or equivalent cloud security certification.

Skills:

• Automation

• Influence

• Result Orientation

• Stakeholder Management

• Technical Strategy Development

• Application Development

• Architecture

• Business Acumen

• Risk Management

• Solution Design

• Agile Practices

• Analytical Thinking

• Collaboration

• Data Management

• Solution Delivery Process

Job Description:

Job Description:

Job Description:

We are looking for a Senior .Net Software Engineer to guide the development of a complex internal, on-prem application built on ASP.NET MVC, background jobs, and distributed services. This role is a blend of hands-on engineering and technical leadership, ensuring high-quality feature delivery, architectural consistency, and team mentorship. This role goes beyond standard web development - you’ll work with distributed systems, high-throughput messaging, and search and big data tools.

You’ll lead across the stack, from C# and SQL to Kafka, Redis, SOLR, and HBase, on a complex internal application with a mix of modern and legacy components and multiple integrations via Web APIs and Message Queues. You’ll be expected to build resilient, self-healing features that gracefully handle intermittent failures. Front-end work includes maintaining and improving functionality built with ASP.NET MVC, jQuery, ES6, and Bootstrap.

Responsibilities

• Ensures that the design and engineering approach for complex features are consistent with the larger portfolio solution.
• Conduct research, design prototyping and other exploration activities such as evaluating new toolsets and components for release management, CI/CD, features, etc.
• Help define the technology tool stack for the solution. Evaluate and adapt new testing tool/framework/practices for team(s).
• Enables team(s)/applications with Continuous Integration/Continuous Development (CI/CD) capabilities and engages with other technical stakeholders pertaining to efficient functioning of CI-CD pipeline.
• Support/mentor/coach team(s) on design and best practices for high code performance (e.g. pairing, code reviews).
• Constantly seek better ways of solving technical problems and designing the solution, not afraid of challenging the status quo.
• Works with stakeholders to establish high-level solution needs and with architects for technical requirements.
• Accountable for end-to-end delivery of complex features, including automation, for either a single team or multiple teams, at the program level.
• Lead the technical oversight for teams in solution development.
• Author and update documentation for production support and operations teams.
• Partner with leadership on transition planning for ServiceNow migration, helping identify what to re-platform vs. modernize.

Required Qualifications:

• Minimum of 10+ years of experience in .NET (C#) development, with strong knowledge of ASP.NET MVC and service-based architectures.
• Experience designing, building, and leading delivery of background services and job processing frameworks.
• Proficiency in JavaScript (ES6+) and jQuery for front-end maintenance.
• Hands-on experience with Kafka, Redis, HBase, and SOLR/Elasticsearch.
• Strong SQL skills and knowledge of performance tuning.
• Deep understanding of resilience and reliability patterns in distributed systems.
• Experience working with RESTful Web APIs; familiarity with enterprise system integration.
• Proven ability to mentor engineers, influence architecture decisions, and drive technical discussions with stakeholders.
• Familiarity with CI/CD pipelines, Git workflows.

Desired Qualifications:

• Degree and/or certifications in Cybersecurity (e.g. CISSP, CISM) or Vulnerability Management (e.g. GIAC GEVA)
• Experience with ServiceNow integrations or ServiceNow development.
• Familiarity with frameworks like Polly, MassTransit, or Hangfire for retries, orchestration, and job scheduling.
• Experience modernizing legacy applications or re-platforming features into enterprise platforms.

Skills:

• Automation
• Influence
• Result Orientation
• Stakeholder Management
• Technical Strategy Development
• Application Development
• Architecture
• Business Acumen
• Risk Management
• Solution Design
• Agile Practices
• Analytical Thinking
• Collaboration
• Data Management
• Solution Delivery Process

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Job Description:

Job Description:

Senior Quantitative engineers in Global Risk are responsible for designing and overseeing the implementof common, reusable, and scalable software components. These components enable GRM’s data and analytical capabilities. These components can be domain independent (e.g., generic data quality tools over

Responsibilities:

• Seek opportunities for consistent improvement in quality, efficiency, and processes

• Partner effectively with senior stakeholders within GRA & EIT, Front Line Units, Technology, Audit and Compliance

• Provide leadership and oversight to less experienced team members

• Applying quantitative methods to develop capabilities that meet line of business, risk management and regulatory requirements

• Understanding financial data: schemas, flow, size, data issues, data controls, etc.

• Building performant big data pipelines

• Use programming skills and knowledge of software development lifecycle principles to deliver high quality code for model and testing processes

• Collaborate with key stakeholders across the Bank to understand modeling and testing business processes and requirements

• Think outside the box of current industry standards to develop innovative approaches

• Maintaining and continuously enhancing capabilities over time to respond to the changing nature of portfolios, economic conditions and emerging risks

• Source and evaluate data required for modeling and testing

• Design and develop and implement models and tests

• Produce clear, concise and repeatable technical documentation models and testsfor internal and regulatory purposes

Candidates should have the following technical skills:

• Software engineering: modular code, software lifecycle processes, unit testing, regression testing

• Big data: distributed computing paradigms (e.g.,mapreduce,dataframes,etc.), optimizing distributed software

• Modeling / quantitative: basic modeling techniques (regression, classification, clustering,etc.

Soft Skills:

• High level of intellectual curiosity

• Experience implementing strategic process improvements and/or automation

• Proven track record of building relationships and effectively influencing key stakeholders

• Adept at detecting and remediating organizational / process weaknesses and deficiencies

• Feels ownership and accountability for delivering high quality work, able to balance multiple priorities and meet strict deadlines

• Strong written, verbal, presentation creation and delivery skills, typically to very senior audiences

• Well organized with attention to detail

• Willing to challenge the status quo and with a track record of driving change

Minimum Education Requirement:

• Bachelor’s degree in Computer Science, a closely related field, or a degree from a program where software engineering was a key focus or equivalent work experience

• 7+ years of relevant work experience

Qualifications:

• At least 7 years of relevant experience in software engineering in Quantitative Finance or other industries

• Strong Programming skills (e.g., Python) and solid understanding of Software Development Life cycle principles

• Proven track record of seamlessly leading and executing enterprise-wide initiatives

• The candidate must be a strong communicator and able to effectively explain the rationale and details of the methodologies to a broad set of audiences that include key senior stakeholders across the Bank, as well as auditors and regulators

• Strong analytical and problem-solving skills

Candidates should have at least three of the following skills:

• Experience applying quantitative methods such as modelling, data analytics, machine learning, and statistics to develop business solutions

• Experience with large scale data sets with structured or unstructured data

• Experience in building user facing applications over large amounts of data using technologies like React, Angular, JavaScript etc.

• Experience implementing process improvements and automation

Job Description:

Job Description:

This job is responsible for analyzing the day-to-day issues, researching, and providing resolution for various issues identified within a business unit. Key responsibilities include building new procedures, completing complex non-routine analytics, creating reports, and reviewing exception testing and processing. Job expectations include supporting continuous improvement of processes by identifying trends and understanding the operations environment.

Responsibilities:

• Leads implementation for products, services, and operational solutions
• Manages the design, documentation, implementation, and monitoring of new products and services
• Consults on procedural, technical, and operational changes
• Advances business products knowledge within operations environment
• Fosters relationships with partners and teammates
• Inspects data to identify issues and trends
• Presents reporting on key performance and implementation status

Skills:

• Attention to Detail
• Monitoring, Surveillance, and Testing
• Policies, Procedures, and Guidelines Management
• Regulatory Compliance
• Written Communications
• Adaptability
• Business Acumen
• Continuous Improvement
• Critical Thinking
• Process Mapping
• Change Management
• Consulting
• Data Management
• Reporting
• Research

Required Qualifications:

• Minimum 2 years of experience in operations analysis, business process improvement, or a similar role within financial services or a regulated industry
• Strong written and verbal communication skills
• High attention to detail and critical thinking skills
• Ability to adapt to changing priorities and manage multiple initiatives simultaneously

Desired Qualifications:

• Minimum 5 years of experience in operations analysis, business process improvement, or a similar role within financial services or a regulated industry (specifically Global Vendor Finance)
• Bachelor’s degree
• Proven ability to perform complex, non-routine data analysis using tools such as Excel

Minimum Education Requirement:

• High School Diploma / GED / Secondary School or equivalent

Job Description:

Job Description:

Role Responsibilities:

• Partner with GIS operational and technical teams to identify opportunities for AI-driven enhancements to security controls and architecture.
• Drive the technical implementation of the design and deployment of AI-powered tools for threat hunting, anomaly detection, and automated incident response.
• Oversee the development and operationalization of custom ML/LLM models tailored to cybersecurity use cases.
• Guide architectural transformations to support scalable AI integration across the enterprise.
• Act as a technical expert on AI-driven cybersecurity initiatives, mentoring junior engineers and analysts.
• Prototype and evaluate emerging AI technologies for applicability in cyber threat detection and response.
• Serve as a thought leader and subject matter expert on AI in cybersecurity, advising senior leadership and influencing enterprise-wide strategy.
• Ensure responsible and ethical use of AI in security operations, including model governance, bias mitigation, and explainability.
• Collaborate with offensive security teams to develop AI-enhanced red teaming and adversarial emulation capabilities.
• Drive innovation in proactive defense mechanisms using predictive analytics and autonomous threat response.

Required Qualifications

• 7+ years of hands on experience in cybersecurity, preferably Offensive Security or Cyber Threat Operations
• Hands-on experience building agentic AI systems, LLMs, and custom ML model development.
• Experience with enterprise cloud AI development platforms such as Azure AI Foundry, AWS Bedrock, or GCP Vertex
• Strong understanding of offensive security tactics and how AI can enhance red teaming, attack path mapping, and threat modeling.
• Experience leading large-scale technical projects involving security data pipelines, model deployment, and automation.
• Deep knowledge of cyber threat actor behaviors, attack vectors, and defensive countermeasures.
• Ability to translate complex technical concepts into actionable strategies for senior executives.
• Familiarity with AI governance, model risk management, and regulatory considerations in financial services.
• Experience with modern data platforms, cloud-native architectures, and MLOps frameworks.
• Demonstrated ability to drive consensus across diverse stakeholders and influence enterprise-wide initiatives.
• Strong communication and presentation skills, especially in executive and cross-functional settings.

Desired Qualifications

• Experience with AI-enhanced SOAR (Security Orchestration, Automation, and Response) platforms.
• Familiarity with adversarial machine learning and AI security risks.
• Background in data engineering, feature engineering, and model lifecycle management.
• Experience with open-source AI frameworks (e.g., PyTorch, TensorFlow, LangChain).
• Prior work in regulated industries with a focus on compliance and risk mitigation.

Skills:

• Artificial Intelligence
• Critical Thinking
• Threat Analysis
• Cyber Security
• Data Privacy and Protection
• Data and Trend Analysis
• Stakeholder Management

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Job Description:

Job Description:

Responsibilities

As a Critical Infrastructure Assurance Review (CIAR) - Info Security Exposure Mgmt. Sr Specialist, the individual will be focused on the following areas:
• Performing Critical Infrastructure Assurance Review (CIAR) process design and maturation.
• Testing of Core Infrastructure identified AITs, leveraging industry standard guidance against evolving ransomware and malware tactics, techniques, and procedures.
• Partnering with infrastructure teams and SMEs to facilitate the collection of evidence.
• Exercising independent judgment in evaluation criteria to obtain results.
• Performing QA and determining levels of compliance.
• Submitting observations for remediation tracking.
• Tracking and reporting of assessment status to leadership team.
• Iterating on the assessment and continually improving its in-scope questions and controls.

Required Skills:
• Experience in Information Security and/or IT Audit
• Technical writing and verbal communication skill
• Ability to effectively work with partners at varying knowledge and organization levels.
• Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.
• Highly organized and motivated to deliver results with minimal direction.
• Creative and proactive problem solver – ability to understand what the team needs and offer suggestions above and beyond what they desire.
• Naturally curious individual with the ability to quickly become the authority in the various data and systems used by the team.
• Strong relationship, team building and facilitation skills.
• Good knowledge of current ransomware and malware threats and vulnerabilities, operating systems, database management and OSI Model.
• Proficient with Microsoft Office (Word, PowerPoint, Excel), Tableau, SharePoint.

Desired skills:
• Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA
• Experience in coordinating team projects
• Knowledge of NIST and NSA guidelines

• Education: B.E. / B. Tech/M.E. /M. Tech/B.Sc./M.Sc./BCA/MCA (prefer IT/CS specialization)

This job will be open and accepting applications for a minimum of seven days from the date it was posted.