Bank of America
Principal Security Automation Engineer (Tines)
Bank of America, Denver, Colorado, United States, 80285
Principal Security Automation Engineer (Tines)
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Key Responsibilities
Architect, implement, and maintain advanced automation workflows using Tines.
Collaborate with SOC and IR teams to identify high-impact use cases for automation.
Integrate Tines with enterprise systems including EDR, SIEM, threat intelligence platforms, and cloud services.
Lead secure integration of Tines with SSO, credential vaults, and external repositories.
Design and configure secure connectivity solutions (e.g., Cloudflare tunnels, VPNs) for hybrid environments.
Develop and maintain orchestration stories across platforms such as CrowdStrike, Tanium, Splunk, Anvilogic, ThreatQ, AWS, and Azure.
Write, test, and debug Python-based automation logic.
Analyze Tines logs and metrics to optimize performance and reliability.
Create and maintain technical documentation, runbooks, and architectural diagrams.
Engage with stakeholders across security, infrastructure, and application teams to gather requirements and align automation efforts with business goals.
Ensure all automation workflows adhere to enterprise security policies and change management processes.
Required Qualifications
8+ years of experience in cybersecurity, with at least 3+ years in a security automation or engineering role.
Proven experience working with SOC and/or Incident Response teams to operationalize automation.
Hands-on experience with Tines or similar SOAR platforms (e.g., Splunk SOAR, Palo Alto XSOAR).
Strong programming skills in Python; experience with Git and CI/CD pipelines.
Deep understanding of REST APIs, webhooks, and secure API integrations.
Experience with cloud platforms (AWS, Azure, or GCP), including automation and security architecture.
Familiarity with AI/ML integrations (e.g., AWS Bedrock, OpenAI APIs) is a plus.
Experience configuring secure tunnels (e.g., Cloudflare, SSH, VPN) for hybrid environments.
Strong knowledge of security frameworks and best practices (e.g., NIST, MITRE ATT&CK).
Excellent communication skills and ability to translate technical concepts for non-technical stakeholders.
Experience with Agile/Scrum methodologies and tools such as Jira and Confluence.
Desired Qualifications
CISSP, GIAC, or equivalent security certification.
Tines certifications (both entry-level and advanced preferred).
AWS Certified Security – Specialty or equivalent cloud security certification.
Skills
Automation
Influence
Result Orientation
Stakeholder Management
Technical Strategy Development
Application Development
Architecture
Business Acumen
Risk Management
Solution Design
Agile Practices
Analytical Thinking
Collaboration
Data Management
Solution Delivery Process
Shift: 1st shift (United States of America) | Hours Per Week: 40 | Seniority Level: Mid‑Senior | Employment Type: Full‑time | Job Function: Engineering and Information Technology | Industry: Banking
#J-18808-Ljbffr
Key Responsibilities
Architect, implement, and maintain advanced automation workflows using Tines.
Collaborate with SOC and IR teams to identify high-impact use cases for automation.
Integrate Tines with enterprise systems including EDR, SIEM, threat intelligence platforms, and cloud services.
Lead secure integration of Tines with SSO, credential vaults, and external repositories.
Design and configure secure connectivity solutions (e.g., Cloudflare tunnels, VPNs) for hybrid environments.
Develop and maintain orchestration stories across platforms such as CrowdStrike, Tanium, Splunk, Anvilogic, ThreatQ, AWS, and Azure.
Write, test, and debug Python-based automation logic.
Analyze Tines logs and metrics to optimize performance and reliability.
Create and maintain technical documentation, runbooks, and architectural diagrams.
Engage with stakeholders across security, infrastructure, and application teams to gather requirements and align automation efforts with business goals.
Ensure all automation workflows adhere to enterprise security policies and change management processes.
Required Qualifications
8+ years of experience in cybersecurity, with at least 3+ years in a security automation or engineering role.
Proven experience working with SOC and/or Incident Response teams to operationalize automation.
Hands-on experience with Tines or similar SOAR platforms (e.g., Splunk SOAR, Palo Alto XSOAR).
Strong programming skills in Python; experience with Git and CI/CD pipelines.
Deep understanding of REST APIs, webhooks, and secure API integrations.
Experience with cloud platforms (AWS, Azure, or GCP), including automation and security architecture.
Familiarity with AI/ML integrations (e.g., AWS Bedrock, OpenAI APIs) is a plus.
Experience configuring secure tunnels (e.g., Cloudflare, SSH, VPN) for hybrid environments.
Strong knowledge of security frameworks and best practices (e.g., NIST, MITRE ATT&CK).
Excellent communication skills and ability to translate technical concepts for non-technical stakeholders.
Experience with Agile/Scrum methodologies and tools such as Jira and Confluence.
Desired Qualifications
CISSP, GIAC, or equivalent security certification.
Tines certifications (both entry-level and advanced preferred).
AWS Certified Security – Specialty or equivalent cloud security certification.
Skills
Automation
Influence
Result Orientation
Stakeholder Management
Technical Strategy Development
Application Development
Architecture
Business Acumen
Risk Management
Solution Design
Agile Practices
Analytical Thinking
Collaboration
Data Management
Solution Delivery Process
Shift: 1st shift (United States of America) | Hours Per Week: 40 | Seniority Level: Mid‑Senior | Employment Type: Full‑time | Job Function: Engineering and Information Technology | Industry: Banking
#J-18808-Ljbffr