Overview
On Site
Depends on Experience
Full Time
Skills
Geographic information system
Google Cloud Platform
Google Cloud
Banking
Information security
Lifecycle management
Database
Encryption
Microsoft SQL Server
Oracle
TDE
PKCS
Multitasking
Documentation
Communication
Problem solving
Root cause analysis
Recovery
Risk management
Cryptography
Computer hardware
Management
Hierarchical storage management
FIPS
NIST SP 800 Series
PCI DSS
Finance
Cloud computing
Terraform
Ansible
CISSP
Cisco Certifications
CISM
Amazon Web Services
Microsoft Azure
Privacy
Publications
Software design
IT strategy
Critical thinking
Cyber security
IT management
Stakeholder management
Identity management
DevOps
Financial management
Quality assurance
Security engineering
Collaboration
Job Details
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Position Summary:
This role is responsible for cryptography engineering and implementation of vendor security tools primarily hardware security modules (HSM) and CipherTrust Manager. The ideal candidate would be part of the highly visible Global Information Security (GIS) team where they will gain an in-depth understanding of the business partner's requirements for their applications. The job expectation includes managing general purpose HSMs, Cloud HSMs from AWS, Azure or Google Cloud Platform, key management solutions and payment solutions. These tools are integrated with end user applications to be compliant with the banks, as well as industry standards on cryptographic engineering.
Responsibilities:
Skills:
Qualifications:
Desired Qualifications
Additional Skills:
Enterprise Role Overview:
This job is responsible for supporting multiple security engineering efforts to deliver enterprise security capabilities. Key responsibilities include supporting the design, development, and implementation of systems contributing to the protection of systems, devices, and sensitive data. Job expectations include delivering milestones on engineering initiatives, partnering with cross-functional teams to identify opportunities for collaboration, and solving complex issues within one or more security domains with moderate oversight.
Shift:
1st shift (United States of America)
Hours Per Week:
40
Learn more about this role
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Position Summary:
This role is responsible for cryptography engineering and implementation of vendor security tools primarily hardware security modules (HSM) and CipherTrust Manager. The ideal candidate would be part of the highly visible Global Information Security (GIS) team where they will gain an in-depth understanding of the business partner's requirements for their applications. The job expectation includes managing general purpose HSMs, Cloud HSMs from AWS, Azure or Google Cloud Platform, key management solutions and payment solutions. These tools are integrated with end user applications to be compliant with the banks, as well as industry standards on cryptographic engineering.
Responsibilities:
- Hands-on experience with Oracle Key Vault or similar product(s), Thales Luna and PayShield HSMs
- Knowledge of HSM key management practices
- Design, develop and implement enterprise cryptography standards per industry standards.
- Configure and manage products like Thales CipherTrust Manager, Luna Hardware Security Modules and Payshield 10x.
- Experience with direct login and indirect login procedures
- Leverages knowledge of information security technologies for patching and lifecycle management of cryptographic devices.
- Work closely with stakeholders to define cryptography requirement for Key Management Services and HSM needs.
- Implement best practices per the Oasis KMIP 2 standards, EMVCo, Global Platform, FIPS140-2, NIST SP 800-57, PCI DSS, GDPR etc.
- Advance database encryption with Microsoft SQL TDE, Oracle TDE with PKCS11 and KMIP
Skills:
- Prioritizing work and multi-tasking
- Strong documentation skills
- Strong Communication skills
- Great Problem-Solving skills.
- Strong troubleshooting skills and ability to analyze logs to perform root cause analysis and take corrective actions to restore services.
- HSM Management
- Risk Management
Qualifications:
- 5 years or more of relevant experience in cryptography engineering and hardware security modules (HSM) management both on-Prem and cloud.
- Demonstrate flexibility navigating a rapidly evolving cloud HSM environments and adapting quickly.
- Proven knowledge in security standards such as Oasis KMIP 2 standards, EMVCo, Global Platform, FIPS140-2 Level 3, NIST SP 800-57, PCI DSS, GDPR etc. in a large financial organization.
- Experience with cloud automation tools like Terraform and Ansible.
Desired Qualifications
- CISSP, CCSP or CISM, AWS Certified Security - Specialty or Azure Security Engineer Associate.
- Knowledge of quantum computing
- NIST's security and privacy publications contributor
Additional Skills:
- Collaboration
- Influence
- Result Orientation
- Solution Design
- Technical Strategy Development
- Critical Thinking
- Cyber Security
- Information Systems Management
- Solution Delivery Process
- Stakeholder Management
- Access and Identity Management
- DevOps Practices
- Financial Management
- Test Engineering
Enterprise Role Overview:
This job is responsible for supporting multiple security engineering efforts to deliver enterprise security capabilities. Key responsibilities include supporting the design, development, and implementation of systems contributing to the protection of systems, devices, and sensitive data. Job expectations include delivering milestones on engineering initiatives, partnering with cross-functional teams to identify opportunities for collaboration, and solving complex issues within one or more security domains with moderate oversight.
Shift:
1st shift (United States of America)
Hours Per Week:
40
Learn more about this role
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.