Cloud SIEM Engineer
Company: Disability Solutions
Location: Denver
Posted on: October 12, 2024
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Join our dynamic team and make a significant impact on our organization's security posture as our Cloud SIEM Engineer. If you are a dedicated and forward-thinking professional with a passion for security and innovation, we invite you to apply and contribute to our mission of safeguarding our valuable assets and data from evolving cyber threats.

Key Responsibilities:

1. Leadership and Development:
As an Individual Contributor with significant Cloud (AWS or Azure) and Security Information and Event Management (SIEM) domain experience, collaborate with and influence a team of talented developers in a collaborative and high-performing work environment. Set and achieve clear objectives, provide clarity and regular feedback, and contribute to performance evaluations to enhance the team's capabilities. Promote professional growth by organizing training sessions and encouraging employees to pursue relevant certifications and industry advancements.

2. AWS Detection Engineering:
- Understand and help drive Detection Engineering efforts in SIEM or SOAR as appropriate within AWS environments, using technologies such as AWS GuardDuty, AWS CloudWatch, AWS CloudTrail, AWS CloudFront, KMS, AWS SecurityHub, CSPM, DSPM, SSPM, and CIEM technologies to help defend the bank's platform and workloads.

3. SIEM and SOAR Software Solution Architecture and Design:
- Collaborate with internal stakeholders, including cybersecurity experts, IT operations, and business units, to understand security requirements and business goals. Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases. Conduct regular reviews and refinement of the architecture to accommodate changes in the threat landscape and business needs.

4. Development and Implementation:
- Provide your expertise to augment the SIEM and SOAR development teams in coding, testing, and deploying custom applications to enhance the capabilities to detect advanced threats.
- Implement integrations with various data sources, security tools, and external threat intelligence feeds to enhance threat detection and response capabilities.
- Ensure compliance with coding standards, security best practices, scalability, resiliency concepts, and data privacy regulations throughout the development lifecycle.

5. Security Incident Management:
- Develop and refine strategies for proactive threat detection, incident identification, and efficient response and remediation.
- Conduct thorough analysis of security incidents, ensuring root cause analysis, and implement corrective actions to prevent future occurrences.
- Collaborate with the Incident Response team to enhance incident handling and escalation procedures.

6. Performance Optimization and Scalability:
- Continuously monitor the performance of the SIEM and SOAR systems and identify areas for optimization and enhancement.
- Evaluate and implement appropriate infrastructure upgrades to support increasing data volumes and maintain optimal system performance.
- Conduct load testing and performance tuning exercises to ensure the SIEM and SOAR platforms can handle ever-expanding peak operational loads.

7. Compliance and Policy:
- Ensure adherence to industry standards, regulatory requirements, and internal security policies in all aspects of SIEM development and operation.
- Collaborate with the Compliance team to fulfill audit requests and participate in security assessments and penetration testing exercises.

8. Research and Innovation:
- Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to SIEM and SOAR development and security operations.
- Evaluate new SIEM and SOAR tools, Detection Engineering technologies, and techniques to improve the organization's security posture and stay ahead of potential threats.
- Stay informed about Cloud detection and response security controls.

Required:
- 3+ years of proven experience in SIEM and security operations (e.g., Splunk ES, Anvilogic, Palo Alto Cortex, CrowdStrike, MS Sentinel, Google Chronicle).
- 3+ years of experience with Splunk; certifications preferred.
- 3+ years of experience with detection and response-based security controls in at least one public cloud environment (e.g., AWS, GCP, Azure).
- Understanding of Threat Modeling and Detection Engineering best practices.
- Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms.
- Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies.
- Strong leadership abilities, with experience in influencing technical teams and driving successful outcomes.
- Excellent problem-solving skills, analytical mindset, and a proactive approach to addressing security challenges.
- Experience with Infrastructure as Code (CDK, CloudFormation, Terraform).
- Experience with Git-based source code management.
- Experience in Agile teams.
- Bachelor's or Master's degree in Computer Science, Information Security, or a related field, or equivalent experience.

Skills:
- Influence
- Result Orientation
- Solution Design
- Stakeholder Management
- Technical Strategy Development
- Access and Identity Management
- Critical Thinking
- Cyber Security
- Information Systems Management
- Risk Management
- Collaboration
- DevOps Practices
- Financial Management
- Solution Delivery Process
- Test Engineering

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift: 1st shift (United States of America)
Hours Per Week: 40

Pay Transparency details
US - CO - Denver - 1144 15th St (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)

Pay and benefits information
Pay range: $98,400.00 - $160,800.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible: This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group, and the overall success of the Company.

Benefits: This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.