SIEM/SOAR Network / System Engineer V

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

This job is responsible for providing front-line support to end users, responding to issues related to incidents and problem management governance for multiple applications, and leading triage activities on all business impacting incidents. Key responsibilities include ensuring compliance with incident management and problem management policies and procedures, serving as a focal point for the customer, client, and associate experience, restoring complex production incidents under tight Service Level Agreements, and pursuing root cause and problem resolution follow ups.

Responsibilities:

• Leads production support triage efforts, manages bridge line troubleshooting, engages in technical research, and escalates issues to leadership as needed

• Ensures all impacts are accurately recorded and documented in the system of record, oversees that documents and wikis are updated and available for use during triage, and supports the documentation of application flows, upstream/downstream impacts during outages, the customer experience, and contacts for support needs

• Identifies and/or validates business impacts through interpretation of monitors, dashboards, and logs to communicate with leadership and vendors

• Manages activities to identify incident root cause, resolution, preventative actions, and change requests, and reports on incident data quality

• Promotes and enforces production governance during triage/testing and identifies production failure scenarios, vulnerabilities, and opportunities for improvement

• Serves as a subject matter expert for applications within a portfolio, leveraging extensive knowledge of application functionalities and application flows

• Assesses and prioritizes research requests, ad hoc reports, and offline incidents at the direction of senior team members and delegates work as needed to team members and peers

Position Summary

• We’re looking for an experienced IT Security professional with 5+ years of hands-on expertise in SIEM/SOAR to join our team. In this role, an ideal candidate will manage and optimize Splunk for advanced threat detection, automation, and incident response.

• Will collaborate IT teams to build detection rules, automation playbooks, and dashboards that strengthen our security posture in a fast-paced FinTech environment.

• Manage, configure, and optimize SIEM/SOAR platforms (primarily Splunk).

• Develop detection rules, dashboards, and automation playbooks.

• Monitor and analyze security events to identify threats and reduce response times.

• This position is expected to deliver above and beyond services to our internal customers to facilitate business continuity with a meet or exceed SLAs.

• This includes monitoring, incident response, problem engagement during triage, service restoral, identification of root cause, and facilitation and co-ordination for a permanent fix – in accordance with agreed best practices.

• The Ideal candidate will have over 10 years of hands on experience within the realm of IAM (identity and Access Management) space. Well conversant with the tools and applications employed within the highly regulated FinTech industry.

• SME with expert level hands-on knowledge of Access management and Entitlement technologies. Must have expert level experience in Windows OS, RedHat Linux, SQL queries, SQL/Oracle & other flavors of databases. Well versed with RedHat Linux OpenShift containers, Atlassian JIRA & Horizon platforms, GitHub, Ansible, Jenkins, ITSM Remedy, Splunk, Dynatrace, PowerShell/Unix Scripting, cloud experience including other CI/CD DevOps tools.

Required Qualifications

• MUST BE ABLE TO WORK SATURDAY OR SUNDAY WHEN ON CALL OR FOR NEW RELEASES

• 5+ years of experience in SIEM/SOAR administration and security operations .

• Well conversant with 5 C's of cyber security - Change, Compliance, Cost, Continuity and Coverage

• Passionate about cybersecurity and automation, a SIEM/SOAR expert to help us strengthen our cyber resilience, turning Splunk skills into impact

• Use Splunk skills to fight threats and keep financial services secure

• Strong hands-on knowledge of Splunk (searches, dashboards, alerts, playbooks) .

• Solid understanding of cybersecurity frameworks, threat detection, and incident response.

• 5+ years of production support experience with expert level knowledge of MFA technologies, Splunk. Window OS, SQL/Oracle DB & Unix/Linux.

• Excellent knowledge of Identity, Authentication and Access Management (IAM) domain including SRE and DevOps space.

• Must have senior level production support experience and troubleshooting skills in SIEM/SOAR space, Splunk and IAM technologies.

• Must be able to comply with bank regulatory and compliance policies

• Must have expert level of Linux experience and must be well versed in Splunk queries.

• Well versed with ITIL framework

• Excellent Communication Skills lateral and vertical - be able to clearly explain issues, their impact and how to address them

• Must be a great team player - be able to collaborate with other team members within or outside the group

• Must be available for on-call coverage and willing to work off hours as and when needed.

• Must be willing to work on-site 3 days a week as per current bank policies

• Demonstrate a strong work ethics and takes pride in accomplishment.

• Must be able to handle and work under pressure and stress

• Attention to detail - able to evaluate smallest details

• Problem-solving - be able to address complex challenges in creative ways

Desired Qualifications

• CISSP or other equivalent Information Security domain certificates will be added value

• A cybersecurity pro to safeguard systems in the fast-moving FinTech world

• Go getter exhibiting strong motivation and drive for results and success.

• Persists in the face of significant difficulties, does not give up easily.

• Tower, BladeLogic

• Strong understanding of network technologies

Skills:

• Adaptability

• Analytical Thinking

• Influence

• Production Support

• Risk Management

• Automation

• Collaboration

• Innovative Thinking

• Result Orientation

• Solution Design

• Business Acumen

• DevOps Practices

• Project Management

• Solution Delivery Process

• Stakeholder Management

Shift:

1st shift (United States of America)

Hours Per Week: 

40