Cyber Security Configuration Compliance Monitoring Analyst

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Responsibilities:

The Configuration Compliance Monitoring Analyst will be a Subject Matter Expert responsible for monitoring of technical configurations across high-risk technologies such as Operating Systems, Databases, Middleware Components and Network Devices to ensure compliance to GIS requirements. Key responsibilities include technical understanding of Operating System configurations, ability to interpret GIS baseline requirements into functional policy test cases and provide support/remediation guidance. Job expectations include ensuring full monitoring coverage across all Operating Systems, providing expert technical guidance to support partners and adding and/or editing existing policy checks to ensure technical configuration monitoring is in place across all in scope GIS Baselines. 

Job Responsibilities:

• Conduct compliance monitoring leveraging prior technical knowledge and expertise in configuring various Operating Systems and/or Databases

• Ability to interpret baseline requirements into policy check test cases

• Validate the accuracy of compliance scanning on a weekly basis

• Ensure current baseline requirements have full and complete monitoring coverage

• Address any monitoring coverage gaps in a timely manner

• Provide troubleshooting and technical guidance to lines of business seeking to address non-compliance

• Maintain relationships with the GIS Policy team and technology partners.

Required Qualifications:

• Minimum 5 years of experience in Information Security or SME level skills configuring servers across various operating systems (Unix, Linux, Windows, Cloud, Containers, etc)

• At least 2 years of work-related involving applying configurations to satisfy compliance requirements and/or developing configuration compliance monitoring capabilities

• Experience in troubleshooting servers/OS to provide technical guidance to ensure compliance to security requirements.

• Exceptional written and verbal communication skills

• Critical thinking skills

Desired Qualifications:

• Familiarity with compliance monitoring tools such as Qualys Policy Compliance, Bladelogic, Tanium or other

• Security Certifications (CISSP, MCSE, RHCE, Other)

• Prior experience in design and deployment of technical configuration monitoring

• Windows & UNIX/Linux platform administration

• Prior Database administration (Oracle, MySQL, SQL Server, other)

• Experience in data mining/data analytics and reporting

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540), US - NJ - Jersey City - 101 Hudson St - 101 Hudson (NJ2101)

Pay and benefits information

Pay range

$95,000.00 - $143,700.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.