Bank of America is currently seeking an experienced Sr. DevOps Engineer/IT Security Specialist to support our mission of providing secure, reliable, and innovative cloud solutions to our healthcare clients. The Sr. DevOps Engineer works to deliver high-quality cloud solutions and helps drive a strong DevOps culture. As part of the Cloud Operations team, you will be responsible for the architecture, development, deployment, and operations of our cloud infrastructure. You will be expected to share the on-call duty with the rest of the Cloud Operations and engineering teams. Working closely with our development teams you will be a champion of DevOps best practices including CI/CD, Infrastructure as code, containerization, microservice architecture, automated testing, and security.
• Collaborate with Developers to build a world-class infrastructure that can meet our customer’s security and uptime requirements
• Act as a key contributor to the development of our developer and CI/CD processes to improve our developer agility and code quality
• Manage mission-critical cloud-based production systems; proactively take action if/when systems are down or there are interruptions in service; root cause and implement corrective actions to build long-term customer loyalty
• Help create and evolve our operational processes
• Help to identify emerging technologies & security practices that can enhance our offering to our customers
• Be passionate about security, automation, quality, and reliability.
• Knowledge of AWS and its associated technologies, both from Security and Cloud Ops perspective (Guard Duty, Control Tower, etc.)
• Knowledge of Terraform
• Experience taking vulnerabilities that are generated from 3rd Party scanning, do the analysis, determine remediation and implement remediation on lower environments. Validate fix, follow process to get that on to Production.
• Experience with Incident Management and crisis management
• Perform Patch management tasks include: maintaining current knowledge of available patches, deciding what patches are appropriate for particular systems, ensuring that patches are installed properly, testing systems after installation, and documenting all associated procedures.
• Maintain smooth operation of multi-user computer systems, including coordination with network, software, and system engineers, PC desktop technicians, project managers, end users, and customer and IT management.
• Recommend and implement system enhancements that will improve the performance and reliability of the system including installing, upgrading/patching, monitoring, problem resolution, and configuration management.
• Provide backup and recovery services; manage file systems and disk space; manage virus protection on a routine basis.
• Create and maintain user and computer accounts and modify file permissions and security access lists.
• Test new releases of products to ensure compatibility and minimize user impact.
• Develop and document technical processes and procedures as needed. Provide technical assistance and support for incoming queries and issues related to computer systems, software, and hardware.
• Assign configuration of authentication and authorization of Active Directory services.
• Minimum 3+ years in Cloud Technologies preferably AWS
• Minimum 3+ years of experience with deployment orchestration systems such as Kubernetes, ECS, and Elastic Beanstalk
• Minimum 2+ years of experience working with CI/CD tools such as CircleCI or Jenkins
• Minimum 2+ years of experience with Docker and Docker-Compose
• Minimum 4+ years with configuration management and automation tools (e.g., Puppet, Ansible, Chef, CloudFormation, SaltStack, Terraform)
• Strong Linux system administration experience
• Strong programming experience in at least one language (python, node, java, go, c/c++, ruby)
• Experience with logging and monitoring tools such as ELK, DataDog or NewRelic, LogEntries, SumoLogic, etc.
• Able to participate in 24/7 on-call rotation
• Strong written and verbal communication skills
Enterprise Role Overview - Leads the analysis, implementation, execution and improvement of proactive security controls to prevent external threat actors from infiltrating company information or systems. Conducts research and provides leadership updates regarding advanced attempts/efforts to compromise security protocols. Maintains or reviews security systems and assesses security policies that control access to systems. Provides status updates and recommendations to the leadership team regarding the impact of theft, destruction, alteration or denial of access to information. Follows standard practices and procedures in analyzing situations or data. Typically has 5-10 years of relevant experience and will act as an individual contributor.
Shift:1st shift (United States of America)
Hours Per Week:40
Learn more about this role