Network Governance and Compliance Engineer
Company: Bank of America
Location: Richmond
Posted on: September 4, 2024
Job Description:
Job Description:
At Bank of America, we are guided by a common purpose to help make
financial lives better through the power of every connection.
Responsible Growth is how we run our company and how we deliver for
our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great
place to work for our teammates around the world. We're devoted to
being a diverse and inclusive workplace for everyone. We hire
individuals with a broad range of backgrounds and experiences and
invest heavily in our teammates and their families by offering
competitive benefits to support their physical, emotional, and
financial well-being.
Bank of America believes both in the importance of working together
and offering flexibility to our employees. We use a multi-faceted
approach for flexibility, depending on the various roles in our
organization.
Working at Bank of America will give you a great career with
opportunities to learn, grow and make an impact, along with the
power to make a difference. Join us!
Job Description:
This job is responsible for tool and service designs within a
technical domain that enable business strategies in accordance with
architectural governance, standards and policies. Key
responsibilities include creating infrastructure tools and their
integration as a service, facilitating deployment of technical
solutions by developing templates, playbooks and automation used
during implementation. Job expectations include looking for
opportunities to improve efficiency when implementing and
maintaining tools/services and embracing a culture of innovation
and continuous improvement.
Responsibilities:
- Provides subject matter expertise and consulting services on a
range of technologies and assists Technical Analysts and
Infrastructure Engineers to ensure that technology solutions comply
with enterprise system design and engineering standards
- Assists with translating business requirements into technical
definitions, reference models, blueprints, and playbooks for
deployment in compliance with architecture standards and
policies
- Assists in the evaluation of reference models, blueprints and
playbooks to ensure they are fit for purpose
- Develops software solutions to address manual and repeatable
work or inefficient processes
- Conducts on-site evaluations of third-party products being
considered for firm adoption
- Promotes an inclusive and healthy working environment and helps
to resolve organizational impediments/blockers
- Contributes to the creation/selection of functional and
non-functional product evaluation requirements within and across
domains
Job Description Summary:
The Cybersecurity Engineer within the External Networks Product
Governance and Compliance team will be responsible to develop
governance and compliance processes in support of the 9 products
within External Networks including Perimeter Security, Threat
Prevention, Load Balancing, B2B connectivity, External Hosting,
Remote Access, Cloud and Internet Connectivity, Internal DMZ, and
DDI products. Within this role will work in the discovery of
compliance requirements from security baselines and network
standards and work with product leads, architecture and
implementation teams to develop sustainable compliance processes
along with effective governance routines. Additionally will provide
engineering consulting for the Threat Prevention and Perimeter
Security areas in support of compliance remediation activities,
reporting and general consulting for application teams.
Key Responsibilities
- Support the review and discovery of compliance requirements
working closely with product managers and information security
teams to ensure the adequate compliance of products against
information security policies and standards.
- Develop the planning, design and deployment of sustainable
compliance processes and governance routines.
- Work with leadership, product managers, risk and information
security teams to identify, develop, prioritize and establish
compliance processes for External Networks.
- Support existing compliance functions such as the rule review
and remediation program, configuration management process,
certificate management process, etc.
- Provide technical consulting for Threat Prevention (Web Proxy
and Malware Inspection solutions) and Perimeter Security (Firewall
solutions) in support of application teams and operations teams
responsible for remediation activities, deployment of new
connectivity requirements (i.e. rule designs), reporting and
general consulting.
- Lead the resolution of complex technical problems through
methodical analysis and evaluation of various technical factors and
criteria.
- Lead strategic projects and initiatives providing technical
direction and expertise and owning various deliverables throughout
the project lifecycle.
Required Qualifications:
- A minimum of 5 years of experience in networks, network
security, cyber security or equivalent technical experience.
- Experience supporting risk, compliance or governance functions
for network or network security processes.
- Strong technical expertise in at least one of the following
technologies and respective management systems (in order of
desirability):
- Web Content Filtering solutions (preferably McAfee or Bluecoat
web proxies)
- Perimeter Security (preferably Fortinet or Checkpoint
firewalls)
- Intrusion Detection (preferably TippingPoint IDS/IPS)
- Malware inspection (preferably FireEye malware detection
NX/VX)
- Load Balancing (preferably F5 LTM/GTM and SSL
Orchestrator)
- Must have good knowledge on fundamental networking concepts and
protocols including TCP/IP, HTTP/HTTPS, SSL, DNS, DHCP, basic
routing/switching, load balancing (LTM/GTM), SOCKS, 802.1X, AD,
authentication protocols such as LDAP, NTLM or Kerberos, etc.
- Understanding of cryptography concepts, SSL certificates, SSL
decryption/inspection, HSM/HSMaaS.
- Understanding of network authentication protocols including
Kerberos, NTLM, LDAP, Basic authentication.
- Proven hands-on troubleshooting skills, network-based
forensics, and proficient with log analysis and packet
captures.
Desired Qualifications:
- B.S. in Computer Science, Information Technology, Systems
Engineering or equivalent degree is preferred.
- Technical leadership, management, project management, or
solutions delivery experience within network domains is a
plus.
- Experience in automation and scripting is a big plus (Python,
Java, etc.)
- Professional level certifications in networking or network
security technologies is a plus (i.e. CCIE, CCNP, Security+, CCSP,
CISSP, or similar)
- Proficient in Agile and ITSM service management processes
(Request, Change, Incident, Problem)
Skills:
- Analytical Thinking
- Application Development
- Automation
- Production Support
- Risk Management
- Adaptability
- Business Acumen
- DevOps Practices
- Solution Delivery Process
- Solution Design
- Architecture
- Collaboration
- Innovative Thinking
- Stakeholder Management
- Technical Strategy Development
Job Band:
H5
Shift:
1st shift (United States of America)
Hours Per Week:
40
Weekly Schedule:
Referral Bonus Amount:
0
-->
Keywords: Bank of America, Richmond , Network Governance and Compliance Engineer, Engineering , Richmond, Virginia
Didn't find what you're looking for? Search again!
Loading more jobs...