Vacancy expired!
Job Description:
At Bank of America we're building Enterprise Cloud solutions that help power our customers' financial lives. Technology solutions are central to how we deliver for our customers and our business, and building modern, secure, scalable, performant cloud solutions are key to that aim.We are looking for experienced Cloud DevSecOps Engineers to join our Global Information Security (GIS) Cloud Defense Group. This role will report to the Head of Cloud Defense CI/CD Security Engineering, and is critical to our Cloud Application Security strategy. This role will be responsible for working closely with DevOps Engineering to ensure that the Bank's Cloud Application pipelines have the appropriate controls and supporting technologies. The Cloud DevSecOps Engineer will work together with our Enterprise Architecture, GIS Cloud Architecture, Cloud IAM and other groups to ensure that the solutions we deliver meet the needs of the business. Responsibilities for the role include:- Perform product design activities as required
- Perform gap analysis of CI/CD pipeline security for applications being deployed to public Cloud
- Develop and agree roadmaps for controls and supporting technologies
- Ensure that code adheres to strict standards for accessibility, security and sustainability
- Collaborate across a multi-functional organization to drive automated code scanning and security testing
- Actively participate in requirements, architecture reviews, and design meetings
- People management may be a requirement for this role
- CI/CD pipeline construction and security
- Some experience as a developer in e.g. Java, Python, Go
- Some experience with Agile development practices and test-driven development
- Deep understanding of application security and relevant controls
- Deep understanding of Cloud Application deployment models and relevant controls
- Experience with Container technologies ( Docker, Kubernetes, Openshift)
- AWS, Azure, IBM Cloud and/or Google APIs experience
- Experience using threat modelling methodologies and tools
- Experience with configuration management and automation tools such as Ansible, Puppet, Terraform, CloudFormation, Salt
- Experience of Linux\UNIX system administration
- Deep knowledge of web protocols, multiple operating systems, hypervisors and distributed systems architecture
- Experience with GitHub, GitHub actions
- Experience with microservices architectures
- Experience with Policy as Code implementations as part of a CI/CD pipeline
- Cloud provider certification (e.g. AWS Certified Developer, AWS Certified Architect)
- Security-specific certifications (e.g. CEH)
- Experience with architecting software solutions
Vacancy expired!