Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
Want more jobs like this?
Get Software Engineering jobs in Charlotte, NC delivered to your inbox every week.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Position Summary:
The Risk Lead provides governance, oversight, and proactive management of all risk related items across the External Networks Perimeter & Threat Prevention team. This role ensures timely remediation of all risks, including, but not limited to vulnerabilities, Non-Permitted Technologies (NPT), RISE deliverables, ERPs, xIAI, and certification renewals. This role also ensures requirements of the Global Compliance Enterprise Policy, the Operational Risk Management Enterprise Policy (collectively "the Policies"), the Compliance and Operational Risk Management Program and Standard Operating Procedures are implemented and identifying, challenging, escalating, and mitigating risks in a timely manner and meeting the SLA. Partnering with Global Risk Management organization, which is responsible for ensuring "best-in-class" and consistent risk committee governance practices across the company. We are seeking a highly motivated, detail-oriented individual to support risk governance and risk remediation deliverables.
Required Qualifications:
- 3+ years engineering experience in Threat Prevention / Content Inspection technologies
- Experience with web proxies for advanced content filtering (i.e. McAfee Web Gateway)
- Experience in malware prevention and data loss prevention systems, including Day Zero threat prevention (i.e. FireEye)
- Fundamental networking concepts of DNS, DHCP, Firewalls. Load balancing, IPS, basic routing/switching; excellent understanding of TCP/IP and packet analysis
- Experience in creating Application and network diagrams including all pertinent flows and decisions.
- Capability to summarize complex issues into executive summaries
- Basic understanding of Cryptography, SSL certificates, SSL decryption / offload methodologies, HSM/HSMaaS
Desired Qualifications:
- Experience with log analysis/reporting tools (e.g. Splunk)
- Strong written/verbal skills
- Strong documentation skills
- Basic programming/scripting (e.g. Python)
- Strong networking background
- Developing application and network diagrams including all pertinent flows and decisions
- Capability to summarize complex issues into executive summaries
Skills:
- Analytical Thinking
- Application Development
- Production Support
- Risk Management
- Solution Design
- Automation
- Business Acumen
- DevOps Practices
- Solution Delivery Process
- Stakeholder Management
- Adaptability
- Architecture
- Innovative Thinking
- Project Management
- Technical Strategy Development
Shift:
1st shift (United States of America)
Hours Per Week:
40