Senior Cryptography Security Architect

Chicago, Illinois;Denver, Colorado

Job Description:

Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation and architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

This role is that of a Senior Cryptography Security Architect on the Security Architecture team. The role is responsible for the analysis, design, development and implementation of architectural deliverables, to include components of the assessment and optimization of system design and review of business requirements. They will lead determination of security requirements and alignment to information security policy. May be called upon to work with database, operations, technical support and other IT areas as well as GIS Solutions Architects as appropriate throughout the development and implementation processes. Serves as a technical security resource; provides technical knowledge and security capabilities as a team member and an individual contributor. Will not have direct reports but may influence and direct activities of a team related to special initiatives or operations. May provide input on staffing, budget and personnel. Typically 5 or more years of Information Security and IT experience.

Primary Level of Engagement : Works at the team level or program level. Is an individual contributor requiring little to no supervision. Can serve as a domain expert to mentor more junior team members. Is able to contribute to multiple projects.

 Primary Interactions:

Product Owner

Development Lead

Project / Solution Architect

Scrum Master / Project Manager

Senior Engineer

Information Security Engineer

Architect Community of Practice

BISO

Key Responsibilities:

• Work across business and technology to create the solution intent and architectural vision and evolve it to align with GIS policy.

• Consult with the business regarding problems and technology to understand challenges and find secure solutions through their knowledge of the domain, practical experiments and Proof of Concepts (POCs).

• Lead rapid shaping of a high-level architecture with details filled in with emerging business requirements; ensure architecture is secure and designed to adapt easily.

• Utilize the defined best practices, templates and documentation to create architectural designs; suggest improvements to best practices and templates through practical knowledge.

• Work with Product Managers and Owners to plan and prioritize security-focused backlog items for the architecture runway to enable business epics and features.

• Clarify the architecture and assist with system design (where needed) for the development teams to support implementation, and provide solution options to resolve any architectural impediments.

• Perform design and code reviews to ensure all security requirements for a solution are sufficiently met (for example, confidentiality, integrity, and availability).

• Educate team members on the security principles, technology practices, standardization strategies and best practices to create secure solutions.

Required Skills:

• Working knowledge of asymmetric and symmetric key encryption

• Working knowledge of HSMs (Hardware Security Modules)on the market and respective interfaces (e.g., PKCS, KMIP)

• Ability to educate on primary encryption topics such as network layer encryption, application/data encryption, use of a MEK, DEK, key storage and management

• Working knowledge of encryption solutions for public cloud providers (e.g., CloudHSM, Key Vault)

• Experience with secrets vaulting solutions, encryption-decryption products, identity protocols/frameworks

• Familiarity with leading algorithms and ciphers and ability identify insecure or archaic algorithms

• Strong desire to design new cryptographic solutions at enterprise scale

• 5+ years of Information Security experience

Desired:

• Experience and knowledge of the Credit/Payment Card industry

• PCI DSS knowledge

Shift:

1st shift (United States of America)

Hours Per Week:

40

Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity and affirmative action, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

To view the "EEO is the Law" poster, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) .

To view the "EEO is the Law" Supplement, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

To view Bank of America’s Drug-free workplace and alcohol policy, CLICK HERE .