Senior Engineer – SIEM Platform Engineering & Operations
Company: Bank of America
Location: Denver
Posted on: April 1, 2026
Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

The Senior Engineer SIEM Platform Engineering & Operations is responsible for engineering, monitoring, and optimizing the firm’s SIEM ecosystem including Splunk, Microsoft Sentinel, and associated data pipelines to ensure data quality, platform resiliency, and analytic reliability. This role enhances the security data environment, leads strategic and tactical improvements, and serves as a SIEM subject-matter expert and mentor across Cyber Security Technology teams.

Core Responsibilities

- Engineer, monitor, and maintain the operational health and resiliency of SIEM platforms including Splunk Enterprise/Cloud and Microsoft Sentinel.
- Implement SIEM platform resiliency controls including cluster monitoring, ingestion latency tracking, and workload distribution optimizations.
- Monitor, maintain, and troubleshoot the data ingestion pipeline including Kafka clusters, Cribl pipelines, Splunk Forwarders, and Sentinel connectors.
- Develop dashboards for pipeline throughput, message lag, schema drift, and end-to-end data quality validation.
- Manage and enforce data SLIs/SLOs across freshness, completeness, correctness, and availability.
- Ensure proper CIM/OCSF/CEF normalization and enrichment for all security-relevant data sources.
- Oversee the Anvilogic content management platform including rule execution health, version control, and analytics dependency monitoring.
- Develop unified observability dashboards covering SIEM platform state, ingestion health, detection pipeline execution, and analytic reliability.
- Serve as escalation point for SIEM data outages, ingestion failures, analytic misfires, and platform degradations.
- Collaborate with operational and engineering teams to design and enhance security detections, analytics, and proactive defenses.
- Write, optimize, and maintain SPL, KQL, and other query languages to support analytics, threat detection, and investigations.
- Support Model Risk Management (MRM) efforts to describe AI or ML Models in use by any of our SIEM Technologies.

Required Qualifications

- 6 years experience in Security Operations, SIEM Engineering, Detection Engineering, Incident Response, or related enterprise disciplines.
- Hands-on experience with Splunk Enterprise/Cloud and Microsoft Sentinel in large-scale environments.
- Experience with Kafka, Cribl, Databricks, Hadoop, Python, SQL, Pandas, Spark, or similar data platforms.
- Experience mapping log sources into structured models such as CIM, OCSF, CEF.
- Ability to troubleshoot complex SIEM ingestion, data quality, and infrastructure performance issues.
- Experience with EDR, SIEM, SOAR, and other enterprise-scale cybersecurity tools.
- Ability to manage competing priorities, drive consensus, and deliver results across distributed teams.

Desired Qualifications

- Experience with offensive security tooling and integrating SIEM/SOAR/TIP platforms.
- Knowledge of data science processes and statistical methods for detection enhancement.
- Experience threat hunting or performing detection engineering in cloud environments such as Azure, AWS, or M365.
- Experience maintaining Splunk KV stores, apps, and performing regular upgrades.
- Experience building SRE-style observability and reliability patterns (SLIs, SLOs, error budgets) for cybersecurity platforms.
- Awareness of AI enabled Security Operations technologies.

Skills: Influence Result Orientation Solution Design Stakeholder Management Technical Strategy Development Access and Identity Management Cyber Security Information Systems Management Risk Management Solution Delivery Process Collaboration Critical Thinking DevOps Practices Financial Management Test Engineering

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift: 1st shift (United States of America)
Hours Per Week: 40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926)

Pay and benefits information

Pay range: $150,000.00 - $190,700.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible: This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits: This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.