Cryptographic Engineer II
Company: Bank of America
Location: Atlanta
Posted on: September 4, 2024
Job Description:
Job Description:
About us:
At Bank of America, we are guided by a common purpose to help make
financial lives better through the power of every connection.
Responsible Growth is how we run our company and how we deliver for
our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great
place to work for our teammates around the world. We're devoted to
being a diverse and inclusive workplace for everyone. We hire
individuals with a broad range of backgrounds and experiences and
invest heavily in our teammates and their families by offering
competitive benefits to support their physical, emotional, and
financial well-being.
Bank of America believes both in the importance of working together
and offering flexibility to our employees. We use a multi-faceted
approach for flexibility, depending on the various roles in our
organization.
Working at Bank of America will give you a great career with
opportunities to learn, grow and make an impact, along with the
power to make a difference. Join us!
Job Description:
This job is responsible for tool and service designs within a
technical domain that enable business strategies in accordance with
architectural governance, standards and policies. Key
responsibilities include creating infrastructure tools and their
integration as a service, facilitating deployment of technical
solutions by developing templates, playbooks and automation used
during implementation. Job expectations include looking for
opportunities to improve efficiency when implementing and
maintaining tools/services and embracing a culture of innovation
and continuous improvement.
Overview:
The Cryptographic Engineer will be responsible for designing,
implementing, and maintaining the key management system used to
protect sensitive data within the bank. This role involves ensuring
the secure generation, storage, distribution, and rotation of
cryptographic keys in compliance with NIST and industry standards
following all the best practices. Ability to produce detailed
architectural diagrams and technical documentation from
business/technical requirements.
Responsibilities:
- Provides subject matter expertise and consulting services on a
range of technologies and assists Technical Analysts and
Infrastructure Engineers to ensure that technology solutions comply
with enterprise system design and engineering standards
- Assists with translating business requirements into technical
definitions, reference models, blueprints, and playbooks for
deployment in compliance with architecture standards and
policies
- Assists in the evaluation of reference models, blueprints and
playbooks to ensure they are fit for purpose
- Develops software solutions to address manual and repeatable
work or inefficient processes
- Conducts on-site evaluations of third-party products being
considered for firm adoption
- Promotes an inclusive and healthy working environment and helps
to resolve organizational impediments/blockers
- Contributes to the creation/selection of functional and
non-functional product evaluation requirements within and across
domains
- Develop and implement key management solution based on security
policies and procedures to achieve secure key lifecycle
management
- Oversight of the generation, distribution, and secure storage
of cryptographic keys, ensuring they are held in accordance to the
highest security protocols
- Build, maintain and monitor highly resilient, redundant and
secure key management systems
- Ensure compliance with internal standards, procedures and
regulatory requirements related to key management. Participate in
security audits and assessments
- Available to respond to security incidents involving the
compromise or corruption of cryptographic key scenarios. Devise,
implement and document corrective actions to prevent future
incidents. Familiarity of Incident and Problem Management systems
like Remedy or ServiceNow
- Work closely with clients, partners, vendors and security teams
to integrate key management practices into broader security
initiatives. Provide guidance and support on cryptographic
practices. Collaborate with operations and other cross-functional
teams to implement automated workflows for key lifecycle
management
- Maintain comprehensive documentation of key management
processes, configurations, and incident responses
- Conduct training sessions and awareness programs for employees
on best practices in key management and cryptographic security.
Stay up-to-date with industry trends and emerging technologies
related to key management and cryptographic standards
Required Qualifications:
- 6+ years of experience in key management, cryptographic
security, or a related field
- Proficiency in key management systems and tools (e.g., HSMs,
KMS, PKI)
- Strong understanding of cryptographic algorithms and
protocols
- Experience with security standards and frameworks (e.g., NIST,
ISO 27001, PCI DSS)
- Familiarity with cloud-based key management services (e.g., AWS
KMS, Azure Key Vault)
- Proficiency in Linux and Windows operating systems
- Strong experience with automation using Perl, python or
PowerShell
- Familiarity with cloud-based key management services (e.g., AWS
KMS, Azure Key Vault)
- Use of monitoring tools i.e. Splunk, Elastic,
Prometheus/Grafana stack, ELK, etc.
- Proficiency in at least one programming language (e.g., Java,
Go) and experience with orchestration tools (e.g., Ansible,
Terraform).
- Experience using Utimaco, Thales, Entrust, etc. products for
HSM and other Key Management components like legacy Gemalto,
Vormetric or CipherTrust Manager
- Working knowledge of JIRA and Agile Scrum routines
- Familiarity with DevOps practices and tools (e.g., CI/CD
pipelines)
Desired Qualifications:
- Bachelor's degree in Computer Science, Information Security, or
relevant experience
- Advanced degrees or certifications (e.g., CISSP, CISM,
CEH)
- Strong analytical and problem-solving skills
- Excellent communication and interpersonal skills
- Self motivated and able to work with minimal supervision as
part of a team
- Detail-oriented with a strong commitment to maintaining
high-security standards
Skills:
- Analytical Thinking
- Application Development
- Automation
- Production Support
- Risk Management
- Adaptability
- Business Acumen
- DevOps Practices
- Solution Delivery Process
- Solution Design
- Architecture
- Collaboration
- Innovative Thinking
- Stakeholder Management
- Technical Strategy Development
Job Band:
H5
Shift:
1st shift (United States of America)
Hours Per Week:
40
Weekly Schedule:
Referral Bonus Amount:
0
--> Associated topics: circuit, kv, power, renewable, schema,
solar, transmission, wind, wire, wiring
Keywords: Bank of America, Atlanta , Cryptographic Engineer II, Engineering , Atlanta, Georgia
Didn't find what you're looking for? Search again!
Loading more jobs...