Cloud SIEM Engineer

Bank of America
Washington
Full-time

Description

Join our dynamic team and make a significant impact on our organization's security posture as our Cloud SIEM Engineer. If you are a dedicated and forward-thinking professional with a passion for security and innovation, we invite you to apply and contribute to our mission of safeguarding our valuable assets and data from evolving cyber threats.

Key Responsibilities:

1. Leadership and Development:

  • As an Individual Contributor with significant Cloud (AWS or Azure) and Security Information and Event Management (SIEM) domain experience, collaborate with and influence a team of talented developers in a collaborative and high-performing work environment.
  • Set and achieve clear objectives, provide clarity and regular feedback, and contribute to performance evaluations to enhance the team's capabilities.
  • Promote professional growth by organizing training sessions and encouraging employees to pursue relevant certifications and industry advancements.

2. AWS Detection Engineering:

  • Understand and help drive Detection Engineering efforts in SIEM or SOAR as appropriate within AWS environments, using technologies such as AWS GuardDuty, AWS CloudWatch, AWS CloudTrail, AWS CloudFront, KMS, AWS Security Hub, CSPM, DSPM, SSPM, and CIEM technologies to help defend the bank's platform and workloads.

3. SIEM and SOAR Software Solution Architecture and Design:

  • Collaborate with internal stakeholders, including cybersecurity experts, IT operations, and business units, to understand security requirements and business goals.
  • Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases.
  • Conduct regular reviews and refinement of the architecture to accommodate changes in the threat landscape and business needs.

4. Development and Implementation:

  • Provide your expertise to augment the SIEM and SOAR development teams in coding, testing, and deploying custom applications to enhance the capabilities to detect advanced threats.
  • Implement integrations with various data sources, security tools, and external threat intelligence feeds to enhance threat detection and response capabilities.
  • Ensure compliance with coding standards, security best practices, scalability, resiliency concepts, and data privacy regulations throughout the development lifecycle.

5. Security Incident Management:

  • Develop and refine strategies for proactive threat detection, incident identification, and efficient response and remediation.
  • Conduct thorough analysis of security incidents, ensuring root cause analysis, and implement corrective actions to prevent future occurrences.
  • Collaborate with the Incident Response team to enhance incident handling and escalation procedures.

6. Performance Optimization and Scalability:

  • Continuously monitor the performance of the SIEM and SOAR systems and identify areas for optimization and enhancement.
  • Evaluate and implement appropriate infrastructure upgrades to support increasing data volumes and maintain optimal system performance.
  • Conduct load testing and performance tuning exercises to ensure the SIEM and SOAR platforms can handle ever-expanding peak operational loads.

7. Compliance and Policy:

  • Ensure adherence to industry standards, regulatory requirements, and internal security policies in all aspects of SIEM development and operation.
  • Collaborate with the Compliance team to fulfill audit requests and participate in security assessments and penetration testing exercises.

8. Research and Innovation:

  • Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to SIEM and SOAR development and security operations.
  • Evaluate new SIEM and SOAR tools, Detection Engineering technologies, and techniques to improve the organization's security posture and stay ahead of potential threats.
  • Stay informed about Cloud detection and response security controls.

Required:

  • 3+ years of proven experience in SIEM and security operations (e.g., Splunk ES, Anvilogic, Palo Alto Cortex, CrowdStrike, MS Sentinel, Google Chronicle).
  • 3+ years of experience with Splunk; certifications preferred.
  • 3+ years of experience with detection and response-based security controls in at least one Public Cloud environment (e.g., AWS, GCP, Azure).
  • Understanding of Threat Modeling and Detection Engineering best practices.
  • Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms.
  • Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies.
  • Strong leadership abilities, with experience in influencing technical teams and driving successful outcomes.
  • Excellent problem-solving skills, analytical mindset, and a proactive approach to addressing security challenges.
  • Experience with Infrastructure as Code (CDK, CloudFormation, Terraform).
  • Experience with Git-based source code management.
  • Experience in Agile teams.
  • Bachelor's or Master's degree in Computer Science, Information Security, or a related field, or equivalent experience.

Skills:

  • Influence
  • Result Orientation
  • Solution Design
  • Stakeholder Management
  • Technical Strategy Development
  • Access and Identity Management
  • Critical Thinking
  • Cyber Security
  • Information Systems Management
  • Risk Management
  • Collaboration
  • DevOps Practices
  • Financial Management
  • Solution Delivery Process
  • Test Engineering

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

1st shift (United States of America)

Hours Per Week:
