girl looking into her desktop
Back to search results

Crypto / Identity Security Architect

Chicago, Illinois;

Job Description:

Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

This role participates and assists more senior architects in the analysis, design, development and implementation of architectural deliverables, to include components of the assessment and optimization of system design and review of business requirements. Contributes to the determination of security requirements and alignment to information security policy. May be called upon to work with database, operations, technical support and other IT areas as appropriate throughout development and implementation processes. Serves as a technical security resource; provides technical knowledge and security capabilities as a team member and an individual contributor. Will not have direct reports but may influence and direct activities of a team related to special initiatives or operations. May provide input on staffing, budget and personnel. Typically 5 or more years of Information Security and IT experience.

Primary Level of Engagement: Works at the team level or program level.  Is an individual contributor under supervision from a more senior domain expert.

Primary Interactions:

  • Product Owner
  • Development Lead
  • Project / Solution Architect
  • Scrum Master / Project Manager
  • Senior Engineer
  • Information Security Engineer
  • Architect Community of Practice
  • BISO

Key Responsibilities:

  • Work across business and technology to create the solution intent and architectural vision and evolve it to align with GIS policy.
  • Consult with the business regarding problems and technology to understand challenges and find secure solutions through their knowledge of the domain, practical experiments and Proof of Concepts (POCs).
  • Lead rapid shaping of a high-level architecture with details filled in with emerging business requirements; ensure architecture is secure and designed to adapt easily.
  • Utilize the defined best practices, templates and documentation to create architectural designs; suggest improvements to best practices and templates through practical knowledge.
  • Work with Product Managers and Owners to plan and prioritize security-focused backlog items for the architecture runway to enable business epics and features.
  • Clarify the architecture and assist with system design (where needed) for the development teams to support implementation, and provide solution options to resolve any architectural impediments.
  • Perform design and code reviews to ensure all security requirements for a solution are sufficiently met (for example, confidentiality, integrity, and availability).
  • Educate team members on the security principles, technology practices, standardization strategies and best practices to create secure solutions.

Required Skills:

  • Ability to document security patterns across domains
  • Ability to gather requirements from stakeholders and translate into security designs
  • Familiarity with programming languages is desirable but not required

Preferred Skills:

  • Working knowledge of modern identity frameworks (FIDO, SAML, OAuth, OIDC)
  • Experience with commercial identity providers (e.g., Ping, Okta, Auth0)
  • Experience deploying multifactor authentication

- OR -

  • Working knowledge of crypto security fundamentals, included but not limited to (HSM integration, key generation and protection, symmetric and asymmetric use cases)
  • Working knowledge of crypto libraries, algorithms and cipher suites
  • Experience with managing secrets in cloud environments
  • Experience developing or onboarding security tooling to support encryption requirements

Enterprise Role Overview:

Participates in design, development and implementation of architectural deliverables, to include components of the assessment and optimization of system design and review of user requirements. Contributes to the determination of technical and operational feasibility of solutions. Develops prototypes of the system design and works with database, operations, technical support and other IT areas as appropriate throughout development and implementation processes. May lead multiple projects with competing deadlines. Serves as a fully seasoned/proficient technical resource; provides tech knowledge and capabilities as team member and individual contributor. Will not have direct reports but will influence and direct activities of a team related to special initiatives or operations, as well as mentor junior band 5 Architect 1's. Provides input on staffing, budget and personnel. Typically 7 or more years of architecture experience.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

This role participates and assists more senior architects in the analysis, design, development and implementation of architectural deliverables, to include components of the assessment and optimization of system design and review of business requirements. Contributes to the determination of security requirements and alignment to information security policy. May be called upon to work with database, operations, technical support and other IT areas as appropriate throughout development and implementation processes. Serves as a technical security resource; provides technical knowledge and security capabilities as a team member and an individual contributor. Will not have direct reports but may influence and direct activities of a team related to special initiatives or operations. May provide input on staffing, budget and personnel. Typically 5 or more years of Information Security and IT experience.

Primary Level of Engagement: Works at the team level or program level.  Is an individual contributor under supervision from a more senior domain expert.

Primary Interactions:

  • Product Owner
  • Development Lead
  • Project / Solution Architect
  • Scrum Master / Project Manager
  • Senior Engineer
  • Information Security Engineer
  • Architect Community of Practice
  • BISO

Key Responsibilities:

  • Work across business and technology to create the solution intent and architectural vision and evolve it to align with GIS policy.
  • Consult with the business regarding problems and technology to understand challenges and find secure solutions through their knowledge of the domain, practical experiments and Proof of Concepts (POCs).
  • Lead rapid shaping of a high-level architecture with details filled in with emerging business requirements; ensure architecture is secure and designed to adapt easily.
  • Utilize the defined best practices, templates and documentation to create architectural designs; suggest improvements to best practices and templates through practical knowledge.
  • Work with Product Managers and Owners to plan and prioritize security-focused backlog items for the architecture runway to enable business epics and features.
  • Clarify the architecture and assist with system design (where needed) for the development teams to support implementation, and provide solution options to resolve any architectural impediments.
  • Perform design and code reviews to ensure all security requirements for a solution are sufficiently met (for example, confidentiality, integrity, and availability).
  • Educate team members on the security principles, technology practices, standardization strategies and best practices to create secure solutions.

Required Skills:

  • Ability to document security patterns across domains
  • Ability to gather requirements from stakeholders and translate into security designs
  • Familiarity with programming languages is desirable but not required

Preferred Skills:

  • Working knowledge of modern identity frameworks (FIDO, SAML, OAuth, OIDC)
  • Experience with commercial identity providers (e.g., Ping, Okta, Auth0)
  • Experience deploying multifactor authentication

- OR -

  • Working knowledge of crypto security fundamentals, included but not limited to (HSM integration, key generation and protection, symmetric and asymmetric use cases)
  • Working knowledge of crypto libraries, algorithms and cipher suites
  • Experience with managing secrets in cloud environments
  • Experience developing or onboarding security tooling to support encryption requirements

Enterprise Role Overview:

Participates in design, development and implementation of architectural deliverables, to include components of the assessment and optimization of system design and review of user requirements. Contributes to the determination of technical and operational feasibility of solutions. Develops prototypes of the system design and works with database, operations, technical support and other IT areas as appropriate throughout development and implementation processes. May lead multiple projects with competing deadlines. Serves as a fully seasoned/proficient technical resource; provides tech knowledge and capabilities as team member and individual contributor. Will not have direct reports but will influence and direct activities of a team related to special initiatives or operations, as well as mentor junior band 5 Architect 1's. Provides input on staffing, budget and personnel. Typically 7 or more years of architecture experience.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21044614

Band: H5

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Michael Geddie

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$107,500 - $153,000 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the Corporate Performance Incentive Plan. Qualified employees are eligible for an annual discretionary award based on their overall individual results and behaviors performance at year-end (limited roles may also qualify for incentives during performance year).

Benefits

This role is eligible for all usual company benefits. At Bank of America, our employees are the foundation of our success. That’s why we’re committed to offering a variety of competitive programs and benefits that support your physical, emotional and financial wellness both at work and at home.