Senior Application Developer - Cybersecurity/Cloud

Bank of America•Addison, IL

1d•Onsite

About The Position

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates’ physical, emotional, and financial wellness through affordable, competitive and flexible benefits. We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve. Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation, architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support. We are seeking a highly skilled and experienced Application Developer to build software solutions that provide compliance evidencing and effectiveness measurements for cloud security controls. This role requires hands-on experience with AWS/Azure and modern SDLC practices. You will partner with cross-functional teams to design, implement, and maintain robust security solutions that protect cloud infrastructure from emerging threats while meeting functional, non-functional, and regulatory requirements.

Requirements

Hands-on experience with AWS or Azure and software development life cycles (SDLCs).
Deep knowledge of cloud platforms (AWS, Azure) and experience building and operating cloud-native services and business critical workloads.
Strong hands-on experience with Python, Java, or other object-oriented programming (OOP) languages; ability to write clean, testable, maintainable code.
Strong understanding of DevSecOps principles; hands-on experience with CI/CD pipelines and related tooling and automating build/test/release workflows.
Hands-on experience with Terraform, or CloudFormation
Experience with Docker and orchestration tools such as Kubernetes.
Solid knowledge of relational databases (Oracle, MySQL, PostgreSQL) and NoSQL; ability to write complex SQL queries and perform thorough data validations.
Experience building and integrating with REST APIs and system interfaces, with emphasis on maintainability, availability, reliability, performance, and security.

Nice To Haves

Significant experience in cybersecurity across multiple domains, with a strong focus on cloud security and integrating controls as code.
Experienced in secure coding practices, authentication protocols, cryptography basics, identity and access management, and familiarity with security testing and vulnerability assessment.
Hands-on experience with agent-first development.

Responsibilities

Design, develop, and integrate solutions to gather security control evidence across multiple cloud platforms (e.g., AWS or Azure) to ensure the security and compliance of cloud infrastructure and workloads.
Identify security controls applicable to CI/CD pipelines and runtime environments to prevent misconfigurations and enforce security best practices and standards.
Develop and deliver software solutions that meet functional, non-functional, and regulatory compliance requirements; write, test, debug, and maintain code primarily using Java and/or Python and related technologies.
Hands-on experience with SCA, SAST, DAST vulnerability identification and remediation.
Engage in continuous integration and deployment activities including automating build, test, and release pipelines; integrate security best practices into CI/CD processes and operational workflows.
Troubleshoot defects, perform root-cause analysis, ensure software quality through unit, integration, and regression testing; contribute to code reviews.
Work closely with cross-functional teams to refine requirements and deliver secure, maintainable capabilities.
Demonstrate cloud environments comply with internal control requirements and regulatory obligations using robust reporting and dashboards.