Job Directory Development Security Platform Engineer

Development Security Platform Engineer
Chicago, IL

Companies like
are looking for tech talent like you.

On Hired, employers apply to you with up-front salaries.
Sign up to start matching for free.

About

Job Description

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Cyber Security Technology (CST) function within Global Information Security is responsible for innovation and architecture, engineering, solutions and capabilities development, deployment maintenance and support of information technology security controls. The CST team is also responsible for the management of the program/project management teams.

Job Description and Responsibilities:

The role is an individual contributor who reports to the Development Security Platform Engineering manager. Engineers are responsible for security tooling across a broad portfolio of systems which include large scale web and mobile applications on the public internet, assessment and introduction of new, emerging technologies and frameworks.

Engineers are responsible for architecture, engineering and design of security solutions/systems, with accountability for research, design, engineering, implementation, and support of a broad spectrum of security initiatives which include both software and hardware. Initiatives will enable Cyber Security Defense business goals, plus secure SDLC environments for web and mobile developers enterprise wide. Specific deliverables include:

* Collaboratively develop technical architectures, processes and procedures achieving application security objectives together with business and technical partners
* Deliver security solutions through product selection or development, implementation, integration, management and customization/tuning for the specific needs of the bank.
* Interact with senior technology and business management, requiring the ability to explain complex technical matters in a way both technical and non-technical personnel can understand
* Guide application developers in adoption of enterprise policies, standards, and baselines using the solutions delivered by the team
* Author and present enterprise guidance on application security related topics as a platform SME for the enterprise
* Perform analysis of web and mobile applications, vulnerabilities, frameworks, development solutions, and assessment of risks.

Job Requirements:

The ideal candidate will possess expertise in all of the following areas:

* .NET or Java Web Application development on an enterprise scale
* Code review practices, functional and quality
* Engagement of key stakeholders, both technical and senior leadership
* Technical leadership in design, development and/or support
* Application/product management experience in a high volume, high availability environment
* Technical specification development, both internally and for vendor software
* Software testing, QA or security leadership
* Understanding of RESTful Services
* Scripting ability in Python or similar language
* Committed interest to AppSec

Desired Skills:

The ideal candidate will possess expertise in several of the following areas:

* iOS or Android Mobile application development for consumer applications
* Threat modeling of application architecture
* Vulnerability rating and analysis (CVE, CVSS, CWE ratings)
* Proficiency with a static analyzer such as Checkmarx, Fortify SCA or Coverity
* CISSP, GISSP or other relevant secure coding certification(s)
* Business experience in and/or supporting the financial sector
* Understanding of application security vulnerabilities and preventions
* Security vulnerability assessment techniques during design, development and testing
* Operation of enterprise policy and standards for technologies and development

Required Experience Level:

* 5-10 years of experience with public internet web and/or consumer mobile development
* 2 years of experience involved in testing, QA or security related activities (can be concurrent)
* Bachelor's Degree in Computer Science, Engineering or related technical or engineering field.

We are a team of great application security engineers who work as a team to architect, design, build and deliver secure security solutions at scale. If this sounds like you then please, let's talk.

Enterprise Role Overview:

Key individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security & directory technology systems (software & hardware). Utilizes in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the Bank's assets. Develops and implements security standards, procedures, and guidelines for multiple platforms and diverse environment (e.g. client server, distributed, mainframe, etc.). Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.

Posting Date: 06/12/2019

Location: Chicago, IL, 135 S LA SALLE ST (IL4135), - United States

Travel: Yes, 5% of the time

Full / Part-time: Full time

Hours Per Week: 40

Shift: 1st shift

Let your dream job find you.

Sign up to start matching with top companies. It’s fast and free.