Network Cyber Threat Defense Security Engineer

Bank of America•Washington, DC

8d•Onsite

About The Position

This is a Cyber Security role in Information Security with a focus on Network Security Engineering. The candidate will work in a fast paced environment, identifying and responding to cyber security events, while developing engineering solutions and network architectures that enable efficient and timely responses to mitigate malicious actors. The Network Defense (ND) team in the Global Information Security organization is responsible for defending the Bank's Internet facing networks and applications from disruptive security threats such as Distributed Denial of Service (DDoS) attacks. Network Defense works at the tip of the spear to ensure that customers have an uninterrupted network experience, by rapidly responding to security events, developing defenses, and mitigating attacks. ND team members are expected to be subject matter experts on disruptive security events and able to apply their extensive knowledge of computer networking and cyber security threats in order to develop solutions to complex cyber scenarios.

Requirements

Expertise in DDoS defense technologies
Strong understanding of BGP routing, border gateway security, and internet-scale resiliency engineering.
Deep knowledge of network protocols (GRE, TCP/IP, UDP, DNS, HTTP/S).
Experience with enterprise-scale infrastructure projects and cloud security integration.
Hands-on with configuration management, validation frameworks, and automated monitoring solutions.
Familiarity with regulatory compliance frameworks (FFIEC, OCC, SOX, PCI DSS) in financial services.
Demonstrated leadership in global project delivery across distributed teams.

Responsibilities

Lead end-to-end engineering projects for network security infrastructure, including DDoS mitigation platforms, BGP routing safeguards, and global cloud scrubbing services.
Architect, plan, and execute platform upgrades and large-scale control improvements.
Evaluate, select, and implement next-generation security controls, aligning with regulatory and financial services industry standards.
Define and maintain baseline configurations for on and off premise DDoS scrubbing solutions, CDN rules, cloud security controls, and other related security controls.
Partner with enterprise network engineering teams to ensure security considerations are integrated into all bank-wide infrastructure projects.
Conduct validation and testing of controls before and after deployment; maintain full auditable documentation for regulatory compliance.
Act as a subject matter expert on DDoS defense, BGP hijack protection, and internet-scale threat resilience.
Provide advanced troubleshooting and resolution of complex configuration issues across global environments.
Mentor a diverse group of network engineers and security operations experts in the delivery of network security responsibilities.

Benefits

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.
This role is currently benefits eligible.
We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume