Job Description

: About Us At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We\'re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! Global Business Services Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services. Process Overview . Global Information Security (GIS) - IAM Infrastructure team is responsible for developing and supporting Identity and Access Management application and infrastructure services for Bank of America. IAM IE team manages SSO using CA SiteMinder and Ping Federate, multi factor authentication, secure credentials, access and entitlements for thousands of applications etc. . GIS Cyber Security Technology is looking for SIEM (Security Information and Event Management) Software Engineers, the candidate plays a vital role in the organization\'s cybersecurity operations, focusing on security monitoring, incident detection, and response. Their responsibilities involve a diverse array of technical and analytical tasks aimed at safeguarding critical assets and infrastructure from potential cyber threats. Responsibilities . As a SIEM Software Engineer is instrumental in maintaining proactive cybersecurity measures, promptly detecting, and responding to potential threats, and fortifying the organization\'s defense against cyberattacks. His technical acumen and analytical expertise contribute significantly to the overall security posture and resilience of the organization\'s information systems and data. 1. Front-end Skills: - Proficient in HTML, CSS, and JavaScript to create intuitive and responsive user interfaces. - Extensive experience with Angular framework to develop dynamic and feature-rich web applications. - Knowledge of front-end tools and libraries to streamline development processes. 2. Back-end Skills: - Strong expertise in Java programming, with a focus on building robust and scalable back-end applications. - Experience working with server-side frameworks like Spring Boot or Java EE to develop RESTful APIs and web services. - Knowledge of database systems like MySQL, PostgreSQL, or MongoDB to manage data effectively. 3. SIEM Implementation and Configuration: - The candidate is responsible for the integration with various SIEM tools, such as Splunk, Vontu, McAfee, ect (Elasticsearch, Logstash, Kibana), or other industry-leading platforms. - Responsible for setting up data collection from various sources, including network devices, servers, databases, applications, and security appliances. - Candidate fine-tunes the SIEM system to optimize data ingestion, processing, and storage for efficient security event monitoring. 4. Security Event Monitoring and Analysis: - Candidate continuously monitors the SIEM dashboard, analyzing security logs and events in real-time to identify suspicious activities or potential security incidents to look for process improvements. - They develop and maintain correlation rules and use cases to correlate events from different sources and detect complex attack patterns. 5. Incident Detection and Response: - When the SIEM alerts or identifies potential security incidents, Candidate leads the investigation to understand the nature, scope, and impact of the events. - They collaborate with other cybersecurity teams, such as the SOC (Security Operations Center) and Incident Response Team, to coordinate incident response efforts effectively. 6. Threat Intelligence Integration: - Candidate incorporates threat intelligence feeds from reputable sources into the SIEM platform to enrich event data and enhance the organization\'s ability to detect emerging threats. - They analyze threat intelligence data to stay informed about the latest attack trends and tactics employed by threat actors. 7. Continuous Improvement and Tuning: - Candidate proactively fine-tunes the SIEM system, updating correlation rules, and adjusting alert thresholds to reduce false positives and optimize the accuracy of threat detection. - They regularly review the SIEM\'s performance metrics and identifies areas for improvement to enhance the organization\'s security posture. 8. Security Compliance and Reporting: - Candidate assists in compliance efforts by generating security reports and providing evidence of adherence to security policies, regulatory requirements, and industry standards. - They participate in internal and external audits, providing insights into the effectiveness of the SIEM implementation. 9. Integration with Other Security Tools: - Candidate integrates the SIEM with other security tools, such as Intrusion Detection and Prevention Systems (IDS/IPS), endpoint protection solutions, and vulnerability scanners, to create a comprehensive defense ecosystem. Requirements . Education . B.E. / B Tech / M.E. / M Tech / M.C.A Certifications If Any SCJP, SCWCD, OCJP, OCA, OCPJWSD, SCWSD Experience Range . 6-12 years Foundational Skills . - As a Java full-stack SIEM engineer with Angular front-end skills, and plays a crucial role in building secure and efficient applications while creating engaging and user-friendly interfaces using the Angular, Java, Kafka, ect. frameworks. - Strong proficiency in SIEM platforms, including configuration, data parsing, and customization. - In-depth understanding of cybersecurity principles, threat landscapes, and attack methodologies. - Knowledge of networking protocols, log formats, and data parsing techniques to interpret and analyze security events effectively. - Proficient in programming languages such as Python, PowerShell, or Bash for automation, data manipulation, and developing custom security scripts. - Expertise in data visualization tools and techniques to create informative and actionable security reports and dashboards. - Effective communication and collaboration skills to work seamlessly with cross-functional teams and articulate technical concepts to non-technical stakeholders. Desired skills . Effective communication and collaboration skills to work seamlessly with cross-functional teams and articulate technical concepts to non-technical stakeholders. Work Timings . 1:30PM - 10:30PM (IST) Job Location . Chennai, Hyderabad, Mumbai

foundit