Bank Of America Cloud Security Engineer – AWS Vulnerability & Misconfiguration Management United States, Illinois, Chicago 8343579
Job Description:
This role requires 3 years of experience.
Job Responsibilities:
• Identify vulnerabilities and misconfigurations across the AWS platform, resources, and workloads.
• Maintain cloud security posture management (CSPM) and vulnerability management tools such as Inspector, Wiz, Qualys, CrowdStrike.
• Develop automated detection and monitoring for insecure configurations, excessive permissions, and non-compliant deployments.
• Partner with engineering, DevOps, and application teams to provide remediation guidance and drive secure by design solutions.
• Triage and report vulnerabilities with risk ratings to ensure timely remediation.
• Research and stay ahead of emerging cloud threats, vulnerabilities, and industry best practices.
• Contribute to cloud security standards, baselines, and playbooks to improve enterprise-wide security posture.
• Support governance, risk, and compliance requirements by ensuring alignments with regulatory and internal policy standards.
• Drive Cloud Security solutions in alignment with the Bank’s cloud strategy and in accordance with security best practices.
• Develops strong partnerships by demonstrating operational expertise as a subject matter expert.
Required Qualifications:
• Experience with AWS native services, tools, and architecture.
• Understanding of cloud security principles and practice
• Working knowledge of cloud threat landscape
• Technical experience in infrastructure and/or security functions
• Understanding of DevSecOps and CI/CD pipeline integration through security engineering lifecycles.
• Understanding of Threat modeling and frameworks
• Understanding of vulnerability management and scanning tools
• Experience in project management
• Well-developed analytic, qualitative, and quantitative reasoning skills with a demonstrated creative problem-solving ability.
• Ability to work independently with little oversight on complex initiatives.
• Extremely motivated, hungry to learn
• Ability to communicate complex concepts to all levels of understanding and technical ability.
Desired Qualifications
• CISSP/CCSP/CISM
• Cloud specific Security certifications such as SANS/GIAC
• Vendor specific and relevant certifications – AZ-500, SC-200, AZ-204, CKA, CKS, RHCE, etc.
• Bachelors degree in a technical field
משרות נוספות שיכולות לעניין אותך
