Hispanic Technology Executive Council
Cryptographic Engineer II
Hispanic Technology Executive Council, Jacksonville, Florida, United States, 32290
About us:At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. Were devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
This job is responsible for tool and service designs within a technical domain that enable business strategies in accordance with architectural governance, standards and policies. Key responsibilities include creating infrastructure tools and their integration as a service, facilitating deployment of technical solutions by developing templates, playbooks and automation used during implementation. Job expectations include looking for opportunities to improve efficiency when implementing and maintaining tools/services and embracing a culture of innovation and continuous improvement.Overview:The Cryptographic Engineer will be responsible for designing, implementing, and maintaining the key management system used to protect sensitive data within the bank. This role involves ensuring the secure generation, storage, distribution, and rotation of cryptographic keys in compliance with NIST and industry standards following all the best practices. Ability to produce detailed architectural diagrams and technical documentation from business/technical requirements.Responsibilities:Provides subject matter expertise and consulting services on a range of technologies and assists Technical Analysts and Infrastructure Engineers to ensure that technology solutions comply with enterprise system design and engineering standardsAssists with translating business requirements into technical definitions, reference models, blueprints, and playbooks for deployment in compliance with architecture standards and policiesAssists in the evaluation of reference models, blueprints and playbooks to ensure they are fit for purposeDevelops software solutions to address manual and repeatable work or inefficient processesConducts on-site evaluations of third-party products being considered for firm adoptionPromotes an inclusive and healthy working environment and helps to resolve organizational impediments/blockersContributes to the creation/selection of functional and non-functional product evaluation requirements within and across domainsDevelop and implement key management solution based on security policies and procedures to achieve secure key lifecycle managementOversight of the generation, distribution, and secure storage of cryptographic keys, ensuring they are held in accordance to the highest security protocolsBuild, maintain and monitor highly resilient, redundant and secure key management systemsEnsure compliance with internal standards, procedures and regulatory requirements related to key management. Participate in security audits and assessmentsAvailable to respond to security incidents involving the compromise or corruption of cryptographic key scenarios. Devise, implement and document corrective actions to prevent future incidents. Familiarity of Incident and Problem Management systems like Remedy or ServiceNowWork closely with clients, partners, vendors and security teams to integrate key management practices into broader security initiatives. Provide guidance and support on cryptographic practices. Collaborate with operations and other cross-functional teams to implement automated workflows for key lifecycle managementMaintain comprehensive documentation of key management processes, configurations, and incident responsesConduct training sessions and awareness programs for employees on best practices in key management and cryptographic security. Stay up-to-date with industry trends and emerging technologies related to key management and cryptographic standardsRequired Qualifications:6+ years of experience in key management, cryptographic security, or a related fieldProficiency in key management systems and tools (e.g., HSMs, KMS, PKI)Strong understanding of cryptographic algorithms and protocolsExperience with security standards and frameworks (e.g., NIST, ISO 27001, PCI DSS)Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)Proficiency in Linux and Windows operating systemsStrong experience with automation using Perl, python or PowerShellFamiliarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)Use of monitoring tools i.e. Splunk, Elastic, Prometheus/Grafana stack, ELK, etc.Proficiency in at least one programming language (e.g., Java, Go) and experience with orchestration tools (e.g., Ansible, Terraform).Experience using Utimaco, Thales, Entrust, etc. products for HSM and other Key Management components like legacy Gemalto, Vormetric or CipherTrust ManagerWorking knowledge of JIRA and Agile Scrum routinesFamiliarity with DevOps practices and tools (e.g., CI/CD pipelines)Desired Qualifications:Bachelors degree in Computer Science, Information Security, or relevant experienceAdvanced degrees or certifications (e.g., CISSP, CISM, CEH)Strong analytical and problem-solving skillsExcellent communication and interpersonal skillsSelf motivated and able to work with minimal supervision as part of a teamDetail-oriented with a strong commitment to maintaining high-security standardsSkills:Analytical ThinkingApplication DevelopmentAutomationProduction SupportRisk ManagementAdaptabilityBusiness AcumenDevOps PracticesSolution Delivery ProcessSolution DesignArchitectureCollaborationInnovative ThinkingStakeholder ManagementTechnical Strategy DevelopmentShift:1st shift (United States of America)
Hours Per Week:40
This job is responsible for tool and service designs within a technical domain that enable business strategies in accordance with architectural governance, standards and policies. Key responsibilities include creating infrastructure tools and their integration as a service, facilitating deployment of technical solutions by developing templates, playbooks and automation used during implementation. Job expectations include looking for opportunities to improve efficiency when implementing and maintaining tools/services and embracing a culture of innovation and continuous improvement.Overview:The Cryptographic Engineer will be responsible for designing, implementing, and maintaining the key management system used to protect sensitive data within the bank. This role involves ensuring the secure generation, storage, distribution, and rotation of cryptographic keys in compliance with NIST and industry standards following all the best practices. Ability to produce detailed architectural diagrams and technical documentation from business/technical requirements.Responsibilities:Provides subject matter expertise and consulting services on a range of technologies and assists Technical Analysts and Infrastructure Engineers to ensure that technology solutions comply with enterprise system design and engineering standardsAssists with translating business requirements into technical definitions, reference models, blueprints, and playbooks for deployment in compliance with architecture standards and policiesAssists in the evaluation of reference models, blueprints and playbooks to ensure they are fit for purposeDevelops software solutions to address manual and repeatable work or inefficient processesConducts on-site evaluations of third-party products being considered for firm adoptionPromotes an inclusive and healthy working environment and helps to resolve organizational impediments/blockersContributes to the creation/selection of functional and non-functional product evaluation requirements within and across domainsDevelop and implement key management solution based on security policies and procedures to achieve secure key lifecycle managementOversight of the generation, distribution, and secure storage of cryptographic keys, ensuring they are held in accordance to the highest security protocolsBuild, maintain and monitor highly resilient, redundant and secure key management systemsEnsure compliance with internal standards, procedures and regulatory requirements related to key management. Participate in security audits and assessmentsAvailable to respond to security incidents involving the compromise or corruption of cryptographic key scenarios. Devise, implement and document corrective actions to prevent future incidents. Familiarity of Incident and Problem Management systems like Remedy or ServiceNowWork closely with clients, partners, vendors and security teams to integrate key management practices into broader security initiatives. Provide guidance and support on cryptographic practices. Collaborate with operations and other cross-functional teams to implement automated workflows for key lifecycle managementMaintain comprehensive documentation of key management processes, configurations, and incident responsesConduct training sessions and awareness programs for employees on best practices in key management and cryptographic security. Stay up-to-date with industry trends and emerging technologies related to key management and cryptographic standardsRequired Qualifications:6+ years of experience in key management, cryptographic security, or a related fieldProficiency in key management systems and tools (e.g., HSMs, KMS, PKI)Strong understanding of cryptographic algorithms and protocolsExperience with security standards and frameworks (e.g., NIST, ISO 27001, PCI DSS)Familiarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)Proficiency in Linux and Windows operating systemsStrong experience with automation using Perl, python or PowerShellFamiliarity with cloud-based key management services (e.g., AWS KMS, Azure Key Vault)Use of monitoring tools i.e. Splunk, Elastic, Prometheus/Grafana stack, ELK, etc.Proficiency in at least one programming language (e.g., Java, Go) and experience with orchestration tools (e.g., Ansible, Terraform).Experience using Utimaco, Thales, Entrust, etc. products for HSM and other Key Management components like legacy Gemalto, Vormetric or CipherTrust ManagerWorking knowledge of JIRA and Agile Scrum routinesFamiliarity with DevOps practices and tools (e.g., CI/CD pipelines)Desired Qualifications:Bachelors degree in Computer Science, Information Security, or relevant experienceAdvanced degrees or certifications (e.g., CISSP, CISM, CEH)Strong analytical and problem-solving skillsExcellent communication and interpersonal skillsSelf motivated and able to work with minimal supervision as part of a teamDetail-oriented with a strong commitment to maintaining high-security standardsSkills:Analytical ThinkingApplication DevelopmentAutomationProduction SupportRisk ManagementAdaptabilityBusiness AcumenDevOps PracticesSolution Delivery ProcessSolution DesignArchitectureCollaborationInnovative ThinkingStakeholder ManagementTechnical Strategy DevelopmentShift:1st shift (United States of America)
Hours Per Week:40