Back to search results

SOAR Domain Expert

Denver, Colorado;

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:

Join our dynamic team and make a significant impact on our organization's security posture as our SOAR Domain Expert. If you are a dedicated and forward-thinking professional with a passion for security and innovation, we invite you to apply and contribute to our mission of safeguarding our valuable assets and data from evolving cyber threats.

Key Responsibilities:

1. Team Leadership and Development:

  • As an Individual Contributor with significant domain experience influence and mentor a team of talented Security Orchestration Automation and Response (SOAR) peers fostering a collaborative and high-performing work environment.
  • Set and achieve clear objectives, provide clarity and regular feedback, and contribute to performance evaluations to enhance the team's capabilities.
  • Promote professional growth by organizing training sessions and encouraging employees to pursue relevant certifications and industry advancements.

2. SIEM and SOAR Software Solution Architecture and Design:

  • Collaborate with internal stakeholders, including cybersecurity experts, IT operations, and business units, to understand security requirements and business goals.
  • Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases.
  • Conduct regular reviews and refinement of the architecture to accommodate changes in the threat landscape and business needs.

3. Development and Implementation:

  • Provide your expertise to augment the SOAR development teams in coding, testing, and deploying custom applications to enhance the capabilities of our SIEM and SOAR platforms.
  • Implement integrations with various data sources, security tools, and external threat intelligence feeds to enhance threat detection and response capabilities.
  • Ensure compliance with coding standards, security best practices, scalability, resiliency concepts, and data privacy regulations throughout the development lifecycle.

4. Security Incident Management:

  • Develop and refine strategies for proactive threat detection, incident identification, and efficient response and remediation.
  • Conduct thorough analysis of security incidents, ensuring root cause analysis, and implement corrective actions to prevent future occurrences.
  • Collaborate with the Incident Response team to enhance incident handling and escalation procedures.

5. Performance Optimization and Scalability:

  • Continuously monitor the performance of the SIEM and SOAR systems and identify areas for optimization and enhancement.
  • Evaluate and implement appropriate infrastructure upgrades to support increasing data volumes and maintain optimal system performance.
  • Conduct load testing and performance tuning exercises to ensure the SIEM and SOAR platforms can handle ever expanding peak operational loads.

6. Compliance and Policy:

  • Ensure adherence to industry standards, regulatory requirements, and internal security policies in all aspects of SIEM development and operation.
  • Collaborate with the Compliance team to fulfill audit requests and participate in security assessments and penetration testing exercises.

7. Research and Innovation:

  • Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to SIEM and SOAR development and security operations.
  • Evaluate new SIEM and SOAR tools, Detection Engineering technologies, and techniques to improve the organization's security posture and stay ahead of potential threats.
  • Stay informed about Cloud detection and response security controls.


  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field or equivalent experience.
  • 5+ years of proven experience in SOAR and security operations, with a successful track record of leading SOAR projects from conception to implementation.
  • Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms.
  • Extensive knowledge of SOAR and SIEM platforms (e.g., Splunk SOAR, Splunk ES, LogicHub, Palo Alto Cortex SOAR).  Alternatively, similar experience with modern MXDR, MDR approaches or experience with Data Lake platforms (e.g., Databricks, Snowflake, or Cloudera).
  • Experience with other key security technologies, in at least two other areas across: network security, identify security, endpoint protection, data security, incident response, firewalls, or vulnerability management tools.
  • Knowledge of the detection and response security controls in at least one Public Cloud environment (e.g., AWS, GCP, Azure).
  • Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies.
  • Strong leadership abilities, with experience in influencing technical teams and driving successful outcomes.
  • Excellent problem-solving skills, analytical mindset, and a proactive approach to addressing security challenges.

Enterprise Overview:

This job is responsible for defining and leading the engineering approach for solutions at the program or portfolio level, to deliver significant business outcomes. Key responsibilities include continuously improving the design, quality, and reuse of the solution and delivering technology enablers that improve development efficiencies for the solution. Job expectations include familiarity with at least one area of engineering, acting as a “go to” reference across the organization, and applying knowledge to improve technical competencies through recruitment and development activities.


1st shift (United States of America)

Hours Per Week: 


Learn more about this role

Full time


Manages People: No

Travel: Yes, 5% of the time

Colorado pay and benefits information

Colorado pay range:

$150,000 - $227,600 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.


This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.