Bank Of America Azure - Senior Cloud Security Engineer 

United States, Colorado, Denver 

814276053

Job Description:

This role will help to build a continuous improvement process as part of the Azure Cloud Security Operations team. It will partner across GIS to identify, escalate, and drive corrective actions related to lack of visibility or monitoring within the Azure environments. You may lead cross functional teams within Global Technology that research, engineer, test, implement, communicate, monitor, and maintain solutions supporting the Bank’s information security policies and/or procedures. You will utilize your in-depth knowledge and business requirements to design and engineer secure solutions to meet partner teams’ needs, or to address critical audit findings while protecting the Bank's cloud assets.

Required Skills
• Bachelor’s or Master’s Degree in Computer Science, Information Systems, Cyber Security, or related field.
• Eight (8) or more years relevant Cyber Security experience with at least five (5) years in Cloud SOC and/or Purple Team roles.
• Highly organized and motivated self-starter who can deliver results with minimal direction.
• Experience designing and implementing technical solutions to enhance visibility, alerting capabilities, and reduce risk within Cloud IaaS, PaaS, and M365 environments.
• Experience reviewing applications, infrastructure, and architectural designs to identify threats and vulnerabilities.
• Experience with a range of Azure native services and tools.
• Experience writing and modifying Analytic Rules.
• Experience designing and implementing SOAR capabilities within Azure.
• Deep understanding of Microsoft Azure.
• Deep understanding of Cyber Security control environments and their relationship to zero-trust networks.
• Understanding of threat frameworks, such as MITRE ATT&CK for Cloud and D3FEND.
• Understanding of Risk Management principles.
• Deep experience in building, configuring, operating and/or securing cloud infrastructure and applications in Azure with either native cloud service provider capabilities or 3rd party vendor tools.
• Proven ability to leverage Azure native capabilities to build custom reports and dashboards.
• Ability to independently assess risks and identify vulnerabilities in infrastructure with an eagerness to suggest new processes, policies, and overall improvements to internal security controls.
• Experience partnering with incident response teams, threat intelligence researchers, Red/Purple teams, and/or HUNT researchers.
• Familiarity with common Information Security and data protection frameworks and standards (i.e. CIS, NIST, HIPAA, GDPR, PCI DSSS, ISO 270001).
• Ability to navigate and collaborate effectively within a geographically complex and dispersed global corporation.
• Excellent verbal and written communication skills with ability to distill key data points and effectively present information.

Preferred Certifications
• AZ-500
• SC-200
• CCSP / CCSK
• CISSP / CISM / Security +
• Network +

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

1st shift (United States of America)