Job Description

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates’ physical, emotional, and financial wellness through affordable, competitive and flexible benefits.

We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve.

Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

LOB Description:

This role executes recurring assessments against enterprise-wide external network security platforms and technologies to validate compliance with Bank security policies, standards, and control requirements. Supports governance and compliance functions across External Network security products, including but not limited to firewall, proxy, web content filtering, and intrusion detection (IDS/IPS) technologies. Participates in the development of network cybersecurity solutions and supports existing services while ensuring alignment to established governance and risk management expectations. Partners with stakeholders to identify, track, and remediate security policy violations across external network products, ensuring adherence to defined timelines and compliance requirements. Participates in automation efforts in coordination with engineering teams and 3rd party vendors to reduce manual effort, improve consistency, and enhance governance oversight. Provides consulting to stakeholders tasked with resolving security policy violations and supports internal and external audits through evidence gathering and remediation activities.

LOB Responsibilities:

• Execute recurring assessments against enterprise-wide external network security platforms to validate compliance with Bank security policies, standards, and control requirements.
• Support governance and compliance activities across external network products, including identification, documentation, and tracking of security policy violations and exceptions.
• Partner with application and infrastructure teams to drive remediation of non-compliant configurations and ensure alignment to network security policies and standards.
• Track and report on remediation progress, ensuring deliverables are completed within established timelines and compliance commitments.
• Participate in internal and external audits by supporting evidence collection, issue response, and remediation of findings.
• Provide guidance to stakeholders on policy interpretation, compliance expectations, and remediation approaches across external network technologies.
• Support development and maturation of governance processes, including standardization of assessment methodologies and control validation practices.
• Participate in automation efforts with internal teams and third-party vendors to improve efficiency, reduce risk, and enhance consistency of governance and compliance activities.

This job is responsible for tool and service designs within a technical domain that enable business strategies in accordance with architectural governance, standards and policies. Key responsibilities include creating infrastructure tools and their integration as a service, facilitating deployment of technical solutions by developing templates, playbooks and automation used during implementation. Job expectations include looking for opportunities to improve efficiency when implementing and maintaining tools/services and embracing a culture of innovation and continuous improvement.

Responsibilities:

• Provides subject matter expertise and consulting services on a range of technologies and assists Technical Analysts and Infrastructure Engineers to ensure that technology solutions comply with enterprise system design and engineering standards
• Assists with translating business requirements into technical definitions, reference models, blueprints, and playbooks for deployment in compliance with architecture standards and policies
• Assists in the evaluation of reference models, blueprints and playbooks to ensure they are fit for purpose
• Develops software solutions to address manual and repeatable work or inefficient processes
• Conducts on-site evaluations of third-party products being considered for firm adoption
• Promotes an inclusive and healthy working environment and helps to resolve organizational impediments/blockers
• Contributes to the creation/selection of functional and non-functional product evaluation requirements within and across domains

Managerial Responsibilities:
This position may also have responsibilities for managing associates. At Bank of America, all managers at this level demonstrate the following responsibilities, in addition to those specific to the role, listed above.

• Opportunity & Inclusion Champion: Creates an inclusive team where members are treated fairly and respectfully.
• Manager of Process & Data: Demonstrates and expects process knowledge, data driven decisions, simplicity and continuous improvement.
• Enterprise Advocate & Communicator: Delivers clear and concise messages that motivate, convey the “why” and connects contributions to business results.
• Risk Manager: Leads and encourages the identification, escalation and resolution of potential risks.
• People Manager & Coach: Knows and develops team members through coaching and feedback.
• Financial Steward: Manages expenses and demonstrates an owner’s mindset.
• Enterprise Talent Leader: Recruits, on-boards and develops talent, and supports talent mobility for career growth.
• Driver of Business Outcomes: Delivers results through effective team management, structure, and routines.

Required Qualifications:

• 5+ years of experience managing or supporting external network security technologies, including firewalls, proxy, or related controls
• Experience with firewall policy management platforms, including FortiManager, FortiAnalyzer, and Check Point Provider 1
• Experience with log analysis tools, including Tufin, Splunk, or similar
• Good understanding of network protocols including TCP/IP, UDP, HTTP, HTTPS, SSH, FTP, DNS services, and others
• Strong analytical, troubleshooting, and problem-solving skills
• Strong networking background
• Ability to communicate effectively across organizational levels, including technical teams, lines of business, and stakeholders, to drive remediation and compliance outcomes
• Experience working within governance or compliance-driven processes, including tracking and managing deliverables tied to security policies, standards, or control requirements
• Experience using workflow and tracking tools such as ServiceNow (SNOW), Jira, or similar platforms to manage remediation activities, compliance tasks, or risk-related work

Desired Qualifications:

• Experience supporting governance, compliance, or risk management functions within a network security or cybersecurity environment
• Experience with automation and scripting using Python or similar
• Experience documenting processes, procedures, or compliance-related activities using Confluence or similar platforms
• Familiarity with audit processes, including evidence collection and remediation tracking
• B.S. degree in Computer Science, Engineering, Information Systems, or equivalent preferred
• Professional certifications such as CCNA Security, CISSP, CCSP, or similar are desirable

Skills:

• Analytical Thinking
• Application Development
• Automation
• Production Support
• Risk Management
• Adaptability
• Business Acumen
• DevOps Practices
• Solution Delivery Process
• Solution Design
• Architecture
• Collaboration
• Innovative Thinking
• Stakeholder Management
• Technical Strategy Development

Shift:

1st shift (United States of America)

Hours Per Week:

40