Network Governance and Compliance Engineer

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!


This job is responsible for tool and service designs within a technical domain that enable business strategies in accordance with architectural governance, standards and policies. Key responsibilities include creating infrastructure tools and their integration as a service, facilitating deployment of technical solutions by developing templates, playbooks and automation used during implementation. Job expectations include looking for opportunities to improve efficiency when implementing and maintaining tools/services and embracing a culture of innovation and continuous improvement.

Responsibilities:

• Provides subject matter expertise and consulting services on a range of technologies and assists Technical Analysts and Infrastructure Engineers to ensure that technology solutions comply with enterprise system design and engineering standards
• Assists with translating business requirements into technical definitions, reference models, blueprints, and playbooks for deployment in compliance with architecture standards and policies
• Assists in the evaluation of reference models, blueprints and playbooks to ensure they are fit for purpose
• Develops software solutions to address manual and repeatable work or inefficient processes
• Conducts on-site evaluations of third-party products being considered for firm adoption
• Promotes an inclusive and healthy working environment and helps to resolve organizational impediments/blockers
• Contributes to the creation/selection of functional and non-functional product evaluation requirements within and across domains

Job Description Summary:
The Cybersecurity Engineer within the External Networks Product Governance and Compliance team will be responsible to develop governance and compliance processes in support of the 9 products within External Networks including Perimeter Security, Threat Prevention, Load Balancing, B2B connectivity, External Hosting, Remote Access, Cloud and Internet Connectivity, Internal DMZ, and DDI products. Within this role will work in the discovery of compliance requirements from security baselines and network standards and work with product leads, architecture and implementation teams to develop sustainable compliance processes along with effective governance routines. Additionally will provide engineering consulting for the Threat Prevention and Perimeter Security areas in support of compliance remediation activities, reporting and general consulting for application teams.

Key Responsibilities

• Support the review and discovery of compliance requirements working closely with product managers and information security teams to ensure the adequate compliance of products against information security policies and standards.
• Develop the planning, design and deployment of sustainable compliance processes and governance routines.
• Work with leadership, product managers, risk and information security teams to identify, develop, prioritize and establish compliance processes for External Networks.
• Support existing compliance functions such as the rule review and remediation program, configuration management process, certificate management process, etc.
• Provide technical consulting for Threat Prevention (Web Proxy and Malware Inspection solutions) and Perimeter Security (Firewall solutions) in support of application teams and operations teams responsible for remediation activities, deployment of new connectivity requirements (i.e. rule designs), reporting and general consulting.
• Lead the resolution of complex technical problems through methodical analysis and evaluation of various technical factors and criteria.
• Lead strategic projects and initiatives providing technical direction and expertise and owning various deliverables throughout the project lifecycle.

Required Skills:

• A minimum of 5 years of experience in networks, network security, cyber security or equivalent technical experience.
• Experience supporting risk, compliance or governance functions for network or network security processes.
• Strong technical expertise in at least one of the following technologies and respective management systems (in order of desirability):
  • Web Content Filtering solutions (preferably McAfee or Bluecoat web proxies)
  • Perimeter Security (preferably Fortinet or Checkpoint firewalls)
  • Intrusion Detection (preferably TippingPoint IDS/IPS)
  • Malware inspection (preferably FireEye malware detection NX/VX)
  • Load Balancing (preferably F5 LTM/GTM and SSL Orchestrator)
• Must have good knowledge on fundamental networking concepts and protocols including TCP/IP, HTTP/HTTPS, SSL, DNS, DHCP, basic routing/switching, load balancing (LTM/GTM), SOCKS, 802.1X, AD, authentication protocols such as LDAP, NTLM or Kerberos, etc.
• Understanding of cryptography concepts, SSL certificates, SSL decryption/inspection, HSM/HSMaaS.
• Understanding of network authentication protocols including Kerberos, NTLM, LDAP, Basic authentication.
• Proven hands-on troubleshooting skills, network-based forensics, and proficient with log analysis and packet captures.

Desired Skills:

• B.S. in Computer Science, Information Technology, Systems Engineering or equivalent degree is preferred.
• Technical leadership, management, project management, or solutions delivery experience within network domains is a plus.
• Experience in automation and scripting is a big plus (Python, Java, etc.)
• Professional level certifications in networking or network security technologies is a plus (i.e. CCIE, CCNP, Security+, CCSP, CISSP, or similar)
• Proficient in Agile and ITSM service management processes (Request, Change, Incident, Problem)

Skills:

• Analytical Thinking
• Application Development
• Automation
• Production Support
• Risk Management
• Adaptability
• Business Acumen
• DevOps Practices
• Solution Delivery Process
• Solution Design
• Architecture
• Collaboration
• Innovative Thinking
• Stakeholder Management
• Technical Strategy Development

Shift:
1st shift (United States of America)

Hours Per Week:
40

Learn more about this role