Bank Of America Secure Coding Sr Manager 

United States, District of Columbia, Washington 

512938821

Job Description:

Job Description:

Key Responsibilities:
• Integrate and manage SAST scans across development pipelines.
• Integrate and manage DAST scans across development pipelines.
• Analyze scan results, triage vulnerabilities, and collaborate with development teams to adjudicate findings.
• Contribute to secure coding practices and application security standards.
• Support DevSecOps initiatives by embedding security into CI/CD workflows.
• Stay current with emerging threats, vulnerabilities, and security technologies.

Required Qualifications:
• Minimum of 5 years of professional pen testing, application security or ethical hacking experience, preferably in a large, complex, enterprise environment
• Detailed technical knowledge in at least 3 of the following areas: security engineering; application architecture; authentication and security protocols; application session management; applied cryptography; common communication protocols; mobile frameworks; single sign-on technologies; exploit automation platforms; RESTful web services
• Experience performing manual code reviews for security relevant issues
• Proven experience in application development (e.g., Java, .NET, Python, JavaScript).
• Significant experience with Checkmarx SAST or similar static scanning tools.
• Significant experience with Invicti DAST or similar dynamic scanning tools.
• Strong understanding of OWASP Top 10 and secure coding principles.
• Hands on experience with CI/CD tools and cloud environments.
• Excellent problem-solving and communication skills.

Desired Qualifications
• Security certifications (e.g., CSSLP, GWAPT, OSWE).
• Experience with other AppSec tools (e.g., SCA).
• Knowledge of container security and API security.

Managerial Responsibilities:
This position may also have responsibilities for managing associates. At Bank of America, all managers at this level demonstrate the following responsibilities, in addition to those specific to the role, listed above.

• Opportunity & Inclusion Champion: Models an inclusive environment for employees and clients, aligned to company Great Place to Work goals.
• Manager of Process & Data: Demonstrates deep process knowledge, operational excellence and innovation through a focus on simplicity, data based decision making and continuous improvement.
• Enterprise Advocate & Communicator: Communicates enterprise decisions, purpose, and results, and connects to team strategy, priorities and contributions.
• Risk Manager: Ensures proper risk discipline, controls and culture are in place to identify, escalate and debate issues.
• People Manager & Coach: Provides inspection, coaching and feedback to motivate, differentiate and improve performance.
• Financial Steward: Actively manages expenses and budgets in alignment with objectives, making sound financial decisions.
• Enterprise Talent Leader: Assesses talent and builds bench strength for roles across the organization.
• Driver of Business Outcomes: Delivers results by effectively prioritizing, inspecting and appropriately delegating team work.