Software Engineer III - GBS IND

Job Description:

About us

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.  Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

 Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Global Business Services

Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations.

Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence and innovation.

In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services.

Process Overview

Global Information Security (GIS) is responsible for protecting Bank information systems, confidential and proprietary
data, and customer information. Cyber Security technology function is responsible of development and maintenance
of security products across Bank of America. Team works on various security products and develops in-house
products.

Job Description

Teammates in this role deliver moderately complex tools and systems that mitigate the risk of malicious cyber-attacks. Individuals in this role contribute to the protection of system boundaries, keeping computer systems and network devices hardened against attacks and secure sensitive data. It is important that those in this role actively create and nurture partnerships with peer teams and identify opportunities for cross-team collaboration. Individuals in this role operate within a structured environment with some oversight but, in absence of clear direction, take initiative and tackle complex problems within one or more security engineering domains.

Responsibilities

• Responsible for maintaining vendor security applications primarily related to crypto/security functions.
• In-depth understanding of business partner’s requirements for the applications/systems. Analyze the requirements and recommend on technical and operational feasibility of the solutions.
• Enhance the existing developed applications of crypto solutions like key management, payment gateways and general purpose HSMs integrate end user applications to leverage these feasibilities.
• Develop prototypes of the system design and work with database, operations, technical support, and other various technology areas throughout the development and implementation processes.
• As senior technical resource mentor the to the team members.
• Responsible for administering and managing cryptographic keys, including key life cycle management, centrally manage keys with granular key management and proper access controls per our crypto security standards and policy guidance.
• Work closely with stakeholders to define crypto requirement for KMS and HSM needs.

Requirements

• Education : B.E. / B. Tech/M.E. /M. Tech/M.Sc./MCA (prefer IT/CS specialization)
• Certifications (If Any) :NA
• Experience Range : 8+ Years

Foundational skills

• Key life cycle management, understand and implement enterprise cryptography standards per industry standards. Specialize in KMS products like CipherTrust Manager and OKV.
• Knowledge of Risk in key management and Crypto compliances per industry standards including Data classification, policies, and data standards, Content filtering.
• Knowledge of privileged user access control, Audit logging
• Implement Best practices per the Oasis KMIP 2 standards, EMVCo, Global Platform, Multos, ANSI, FIPS140-2, NIST SP 800-57
• Netskope CASB solution and Database encryption with Microsoft SQL TDE, Oracle TDE with PKCS11 and KMIP compliant products.
• RESTful calls with CASB and cloud native applications, PKCS#11, JCE, .NET, MCCAPI, MS CNG
• Ability to implement REST API consoles example Postman.
• Full-stack monitoring using log ingress solutions with Splunk and SNMP v2.0
• Data security platform engineering
• 3–5 years of experience in information security technology

Desired skills

• Excellent verbal, technical presentation and written communications skills are essential

Work Timings : 11:30 Am - 8:30 Pm IST
Job Location : Chennai, Hyderabad