Network Cyber Threat Defense Security Engineer

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
 

Job Description:

This is a Cyber Security role in Information Security with a focus on Network Security Engineering. The candidate will work in a fast paced environment, identifying and responding to cyber security events, while developing engineering solutions and network architectures that enable efficient and timely responses to mitigate malicious actors.

The Network Defense (ND) team in the Global Information Security organization is responsible for defending the Bank's Internet facing networks and applications from disruptive security threats such as Distributed Denial of Service (DDoS) attacks. Network Defense works at the tip of the spear to ensure that customers have an uninterrupted network experience, by rapidly responding to security events, developing defenses, and mitigating attacks. ND team members are expected to be subject matter experts on disruptive security events and able to apply their extensive knowledge of computer networking and cyber security threats in order to develop solutions to complex cyber scenarios.

Minimum Years of Experience - 3

Key Responsibilities
•    Lead end-to-end engineering projects for network security infrastructure, including DDoS mitigation platforms, BGP routing safeguards, and global cloud scrubbing services.
•    Architect, plan, and execute platform upgrades and large-scale control improvements.
•    Evaluate, select, and implement next-generation security controls, aligning with regulatory and financial services industry standards.
•    Define and maintain baseline configurations for on and off premise DDoS scrubbing solutions, CDN rules, cloud security controls, and other related security controls.
•    Partner with enterprise network engineering teams to ensure security considerations are integrated into all bank-wide infrastructure projects.
•    Conduct validation and testing of controls before and after deployment; maintain full auditable documentation for regulatory compliance.
•    Act as a subject matter expert on DDoS defense, BGP hijack protection, and internet-scale threat resilience.
•    Provide advanced troubleshooting and resolution of complex configuration issues across global environments.
•    Mentor a diverse group of network engineers and security operations experts in the delivery of network security responsibilities.

Required Qualifications
•    Expertise in DDoS defense technologies 
•    Strong understanding of BGP routing, border gateway security, and internet-scale resiliency engineering.
•    Deep knowledge of network protocols (GRE, TCP/IP, UDP, DNS, HTTP/S).
•    Experience with enterprise-scale infrastructure projects and cloud security integration.
•    Hands-on with configuration management, validation frameworks, and automated monitoring solutions.
•    Familiarity with regulatory compliance frameworks (FFIEC, OCC, SOX, PCI DSS) in financial services.
•    Demonstrated leadership in global project delivery across distributed teams.
 

Skills:

• Cyber Security

• Data Privacy and Protection

• Problem Solving

• Process Management

• Threat Analysis

• Business Acumen

• Data and Trend Analysis

• Interpret Relevant Laws, Rules, and Regulations

• Risk Analytics

• Stakeholder Management

• Access and Identity Management

• Data Governance

• Encryption

• Information Systems Management

• Technology System Assessment

Shift:

Hours Per Week: