Network Cyber Threat Defense Security Engineer - DDOS

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
 

Job Description:

This is a Cyber Security role in Information Security with a focus on Network Security Engineering. The candidate will work in a fast paced environment, identifying and responding to cyber security events, while developing engineering solutions and network architectures that enable efficient and timely responses to mitigate malicious actors.

The Network Defense (ND) team in the Global Information Security organization is responsible for defending the Bank's Internet facing networks and applications from disruptive security threats such as Distributed Denial of Service (DDoS) attacks. Network Defense works at the tip of the spear to ensure that customers have an uninterrupted network experience, by rapidly responding to security events, developing defenses, and mitigating attacks. ND team members are expected to be subject matter experts on disruptive security events and able to apply their extensive knowledge of computer networking and cyber security threats in order to develop solutions to complex cyber scenarios.

Minimum Years of Experience - 3

Key Responsibilities
•    Lead end-to-end engineering projects for network security infrastructure, including DDoS mitigation platforms, BGP routing safeguards, and global cloud scrubbing services.
•    Architect, plan, and execute platform upgrades and large-scale control improvements.
•    Evaluate, select, and implement next-generation security controls, aligning with regulatory and financial services industry standards.
•    Define and maintain baseline configurations for on and off premise DDoS scrubbing solutions, CDN rules, cloud security controls, and other related security controls.
•    Partner with enterprise network engineering teams to ensure security considerations are integrated into all bank-wide infrastructure projects.
•    Conduct validation and testing of controls before and after deployment; maintain full auditable documentation for regulatory compliance.
•    Act as a subject matter expert on DDoS defense, BGP hijack protection, and internet-scale threat resilience.
•    Provide advanced troubleshooting and resolution of complex configuration issues across global environments.
•    Mentor a diverse group of network engineers and security operations experts in the delivery of network security responsibilities.

Required Qualifications
•    Expertise in DDoS defense technologies 
•    Strong understanding of BGP routing, border gateway security, and internet-scale resiliency engineering.
•    Deep knowledge of network protocols (GRE, TCP/IP, UDP, DNS, HTTP/S).
•    Experience with enterprise-scale infrastructure projects and cloud security integration.
•    Hands-on with configuration management, validation frameworks, and automated monitoring solutions.
•    Familiarity with regulatory compliance frameworks (FFIEC, OCC, SOX, PCI DSS) in financial services.
•    Demonstrated leadership in global project delivery across distributed teams.
 

Skills:

• Cyber Security

• Data Privacy and Protection

• Problem Solving

• Process Management

• Threat Analysis

• Business Acumen

• Data and Trend Analysis

• Interpret Relevant Laws, Rules, and Regulations

• Risk Analytics

• Stakeholder Management

• Access and Identity Management

• Data Governance

• Encryption

• Information Systems Management

• Technology System Assessment

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540)

Pay and benefits information

Pay range$95,700.00 - $144,900.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.