Site Reliability Engineer, Identity Management Operations, KMS

n our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

The SRE will partner directly with Software Engineering, CTI Engineering, and Production Services teams to improve reliability and observability for the services they support by planning and implementing any instrumentation, tooling, ticketing, alerting and on-call routines defined in observability designs. They typically support services with less strenuous reliability requirements as they learn SRE standards and practices. SREs will engage in production triage efforts and Problem Management routines, using the experiences to continue to grow their SRE knowledge and to start identifying potential gaps in the observability design or implementation. The SRE will also focus heavily on software development activities, with a focus toward delivering automated solutions to eliminate operational ‘toil’ and suggesting code enhancements to software engineering teams to help improve the reliability or observability of the service.

Job Summary:

Candidate will partner with key leaders in Core Technology Infrastructure (CTI) Engineering, and Technology Services roles to define objective reliability goals for the KMS service, including observability designs specifying plans to gain operational visibility into meeting those goals through instrumentation and dashboards. The individual in this role will consistently look for opportunities to improve the reliability and efficiency of operating our services, spending a considerable portion of their time utilizing their engineering skills to find automation solutions to manual support activities, along with influencing a culture that drives innovation and continuous improvement. This individual will be engaged in major production triage efforts and work with problem management in the identification of root cause of highly impactful or complex issues as required. This individual will use the knowledge gained in those efforts to partner closely with software developers, production services, architects, and Infrastructure teams to drive delivery of sustainable and reusable design patterns supporting efficient production operation and to ensure non-functional production support requirements are adopted early in the application development lifecycle.

Key Responsibilities:

• Identify client requirements and propose technical solutions
• Install, configure, operate, maintain, and monitor related cryptographic use cases 
• Deploy, configure, and manage encryption/key management services
• Analyze patterns or trends for root cause analysis
• Audit, log and report user life-cycle management steps against access control list on managed platforms
• Configure and manage federated identity, credentials, access management tools in compliance with security policy, standards, and procedures
• Complete tasks related to authorization and authentication in physical and logical environments
• Develop, deliver, and oversee related cybersecurity training material and educational efforts related to role
• Engage as a subject matter expert (SME) in major incident triage efforts, failure scenario modelling and work with the Problem Manager to diagnose root causes for complex/high impact major incident / problem management investigations
• Collaborate with Development and Infrastructure teams to understand technical solutions and to develop Service Level Indicators (SLIs) and Service Level Objectives (SLOs) to measure and improve the reliability of the AD service
• Develop software solutions and/or improved processes to address work identified as ‘toil’ by collaborating with key partners to identify, track and remediate these work processes to free up time to focus on reliability
• Assess monitoring for new changes with development partners and work with monitoring tools team to enhance application and system monitoring designs as well as monitoring dashboards for new projects and initiatives
• Design solutions to visualize key production support metrics that enable both Operational Readiness and Site Reliability Engineer (SRE) teams to identify scenarios requiring intervention or opportunities to improve support efficiency and/or system reliability
• Identify vulnerabilities and opportunities for reliability improvement, such as investigating low level error rates and 'noise' in monitoring and define solutions to reduce manual support effort and/or improve system reliability Identify and plan for capacity and performance bottlenecks
• Participate in 24x7 on-call coverage follow the sun model

Required Skills:

• 5+ years of experience in Cryptography and encryption concepts and methodologies
• Cryptanalysis
• Symmetric and asymmetric cryptography
• Steganography and Steganalysis
• National cryptologic authorities (NIST)
• Public key infrastructure providers
• Organizational information technology (IT) user security policies (https://e.g., account creation, password rules, access control)
• Network access, identity, and access management protocols, tools and procedures
• National and international standards
• Authentication, authorization, and access control methods
• PKI (Public Key Infrastructure), HSM (Hardware Security Module), Digital Certificate, SSL/TLS (Secure Sockets Layer / Transport Layer Security), SSH (Secure Shell), current encryption technologies
• Related application life-cycle processes
• Digital signatures, digital certificates, and digital certificate management
• Authentication protocols
• File and Disk Encryption
• Encryption Algorithms
• Organizational analysis of user and business trends
• Client consultation and problem resolution

Desired Skills:

• Excellent collaboration and communication skills
• Ability to document effectively
• Relevant training or certifications in site reliability engineering practices and tools
• Hands-on experience supporting incident escalations and troubleshooting
• Documenting processes and related knowledge related to Privilege Access Mgmt vaulting solutions
• Ability to evaluate incidents after resolution and conduct effective and in-depth postmortems

Shift:

1st shift (United States of America)

Hours Per Week: 

40