Senior Cryptographic Key Management Site Reliability Engineer II

Bank of America - Chicago, IL

posted 4 months ago

Full-time - Mid Level
Chicago, IL
Credit Intermediation and Related Activities

About the position

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day. One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being. Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization. Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us! We are seeking a talented and experienced Key Management Service (KMS) Service Reliability Engineer (SRE) to join our team. In this role, you will be responsible for ensuring reliability, stability, and security of a robust enterprise key management infrastructure. You will work closely with our CIOs, engineering, and security teams to maintain highly available and performant KMS solutions.

Responsibilities

  • Maintain key management infrastructure to meet user's needs, security, and compliance requirements.
  • Familiarity with Incident and Problem Management systems like Remedy or ServiceNow.
  • Monitor and optimize the performance and scalability of KMS Infrastructure.
  • Troubleshoot and resolve issues related to key management services, including encryption, decryption, and key rotation.
  • Implement and enforce security best practices to protect sensitive data and cryptographic keys.
  • Collaborate with Engineering and other cross-functional teams to implement automated workflows for key lifecycle management.
  • Implement patches, updates, and upgrades as needed.
  • Participate in on-call rotations and respond to incidents in a timely manner.
  • Conduct post-incident reviews and implement preventive measures to minimize the risk of recurrence.
  • Stay up-to-date with industry trends and emerging technologies related to key management and cryptographic standards.
  • Hands-on experience working on Linux/Unix and/or Windows server platforms.
  • Automation/scripting experience using Python, Perl, shell scripting, or PowerShell.

Requirements

  • 1+ years of cryptographic principles and key management experience
  • 1+ years of Service Reliability Background Experience including Triage, Issue Mitigation, Post Problem Review and Problem Management
  • 1+ years hands-on experience with key management systems such as AWS KMS, Azure Key Vault, or Google Cloud KMS
  • Excellent troubleshooting and problem-solving skills
  • Ability to work effectively with other functional areas and understand the operational and cultural issues relevant to achieving superior results.

Nice-to-haves

  • Experience using Utimaco, Thales, Entrust, etc. products for HSM and other Key Management components like legacy Gemalto, Vormetric or CipherTrust Manager
  • Familiarity with DevOps practices and tools (e.g., CI/CD pipelines)
  • Certifications such as AWS Certified Security - Specialty or Certified Kubernetes Administrator (CKA)
  • Knowledge in Quantum Cryptography
  • Java/API - microservices knowledge
  • Verbal, written communication and interpersonal skills
  • Ability to present complex security subjects to internal partners.

Benefits

  • Competitive benefits to support physical, emotional, and financial well-being.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service