Software Engineer II A - GBS IND Chennai, India;Gf, Hyderabad **Job Description:** **About us*** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! **Global Business Services** Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services. **Process Overview*** The Global Information Security (GIS) is responsible for protecting Bank information systems, confidential and proprietary data, and customer information. Cyber Security technology function is responsible of development and maintenance of security products across Bank of America. Team works on various security products and also develops in-house products. **Job Description*** The individual (Senior Developer) will be responsible for the development and orientation of applications servicing Global Information Security teams. A developer in this role has experience working with Security Information Event Management technologies and can develop in python in AGILE teams. The job requires a strong focus on solving problems experienced by front line analysts to deliver quality metadata in user friendly formats. We invite you to join the GIS team as a Solution Stack Python Django Developer. We are a supportive community passionate about delivering the best experience for our customers while remaining sensitive to their unique needs. In this role, you will be using the experience you have gained throughout your career to assist in the design, development, and implementation of SIEM and SOAR capabilities across an Enterprise environment. We like for developers to feel comfortable contributing throughout the solution stack. We believe it is important that you follow best practices established by the team, including proper source code control practices and delivery of unit test cases. Whether you are building applications from scratch, de-bugging existing code, or collaborating with various teams/team-members, for example, your skills will be tested and your knowledgebase will grow as you rise to meet the challenges. **Responsibilities*** 1. Leadership and Development: As an Individual Contributor with significant Cloud (AWS or Azure) and Security Information and Event Management (SIEM) domain experience collaborate and influence a team of talented developers in a collaborative and high-performing work environment. Set and achieve clear objectives, provide clarity and regular feedback, and enhance the team's capabilities. 2. AWS Detection Engineering: Understand and help drive Detection Engineering efforts in SIEM or SOAR as appropriate within AWS environments, using technologies such as AWS GuardDuty, AWS CloudWatch, AWS CloudTrail, AWS CloudFront, KMS, AWS SecurityHub, CSPM, DSPM, SSPM, and CIEM technologies to help defend the banks platform and workloads. 3. SIEM and SOAR Software Solution Architecture and Design: Collaborate with internal stakeholders, including cybersecurity experts, IT operations, and business units, to understand security requirements and business goals. Architect and design scalable and resilient SIEM and SOAR solutions that can effectively handle diverse data sources and complex security analytics use cases. Conduct regular reviews and refinement of the architecture to accommodate changes in the threat landscape and business needs. 4. Development and Implementation: Provide your expertise to augment the SIEM and SOAR development teams in coding, testing, and deploying custom applications to enhance the capabilities to detect advanced threats. Implement integrations with various data sources, security tools, and external threat intelligence feeds to enhance threat detection and response capabilities. Ensure compliance with coding standards, security best practices, scalability, resiliency concepts, and data privacy regulations throughout the development lifecycle. 5. Security Incident Management: Develop and refine strategies for proactive threat detection, incident identification, and efficient response and remediation. Conduct thorough analysis of security incidents, ensuring root cause analysis, and implement corrective actions to prevent future occurrences. Collaborate with the Incident Response team to enhance incident handling and escalation procedures. 6. Performance Optimization and Scalability: Continuously monitor the performance of the SIEM and SOAR systems and identify areas for optimization and enhancement. Evaluate and implement appropriate infrastructure upgrades to support increasing data volumes and maintain optimal system performance. Conduct load testing and performance tuning exercises to ensure the SIEM and SOAR platforms can handle ever expanding peak operational loads. 7. Compliance and Policy: Ensure adherence to industry standards, regulatory requirements, and internal security policies in all aspects of SIEM development and operation. Collaborate with the Compliance team to fulfill audit requests and participate in security assessments and penetration testing exercises. 8. Research and Innovation: Stay informed about the latest cybersecurity threats, trends, and emerging technologies relevant to SIEM and SOAR development and security operations. Evaluate new SIEM and SOAR tools, Detection Engineering technologies, and techniques to improve the organization's security posture and stay ahead of potential threats. Stay informed about Cloud detection and response security controls. **Requirements*** **Education*** Bachelor's Degree in Computer Science, or related technical discipline Certifications If Any **Experience Range*** Minimum 6 years of strong programming experience **Foundational skills*** + Strong programming skills in Java + Strong experience in SIEM and security operations (e.g., Splunk ES, Anvilogic, Palo Alto Cortex, Crowdstrike, MS Sentinel, Google Chronicle). + Experience with Splunk, certifications preferred. + Experience with the detection and response-based security controls in at least one Public Cloud environment (e.g., AWS, GCP, Azure) and experience with WIZ + Understanding of Threat Modeling and Detection Engineering best practices. + Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms. + Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies. + Strong leadership abilities, with experience in influencing technical teams and driving successful outcomes. + Excellent problem-solving skills, analytical mindset, and a proactive approach to addressing security challenges. + Experience with Infrastructure as Code (CDK, Cloud Formation, Terraform) + Experience with Git base source code Management. + Experience in Agile teams + Good communication skills **Desired skills** + Good working experience with Streaming technologies (Apache Spark , Apache Flink and/or Kafka Streaming ) + Proficient programming skills in languages such as Python, Java, or C++, with a solid understanding of data structures and algorithms. + Familiarity with threat intelligence feeds, cybersecurity frameworks, and incident response methodologies. + Strong leadership abilities, with experience in influencing technical teams and driving successful outcomes. + Excellent problem-solving skills, analytical mindset, and a proactive approach to addressing security challenges. + Experience with Infrastructure as Code (CDK, Cloud Formation, Terraform) + Experience with Git base source code Management. + Experience in Agile teams + Ability to communicate, written and verbal, with technical and non-technical cross-functional teams. + Additional Skill areas: RHEL9, Celery, Ansible, XLR, Functional Programming, WCAG compliance **Work Timings*** 11.30 AM to 8.30 PM **Job Location*** Chennai/ Hyderabad Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. To view the "Know your Rights" poster, CLICK HERE (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12.pdf) . View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf) . Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. To view Bank of America’s Drug-free Workplace and Alcohol Policy, CLICK HERE . Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.