Skills

Required

8+ years in cybersecurity, security architecture, or platform security engineering
Strong expertise in: Identity and access management (IAM), OAuth2, mTLS
API security, gateway enforcement, and zero-trust design
Threat modeling and risk assessment
Proven experience designing and securing: Distributed, cloud-native platforms
Multi-tenant systems with strict data access controls
Strong understanding of: Data protection, encryption, and access control principles
Auditability, logging, and compliance frameworks

Nice to have

Experience with GenAI / AI/ML security, including: Prompt injection and adversarial attacks
Data leakage and model misuse risks
Guardrails and safety evaluation frameworks
Experience securing: RAG architectures, vector databases, and retrieval pipelines
Agent-based or multi-agent systems
Experience in regulated environments (financial services strongly preferred)
Familiarity with: OWASP LLM / agentic security risks
Model governance, lineage, and compliance metadata

Other signals

Generative AI presents an exciting opportunity to derive valuable insights from data and drive revenue growth, efficiencies, and improved business processes.

Define and implement the security architecture for the GenAI platform

Design and enforce identity and access control models

Establish secure API and tool invocation patterns

Define and implement AI guardrails and safety controls

Lead threat modeling and risk assessment for GenAI systems

Design and enforce RAG and data security controls

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates’ physical, emotional, and financial wellness through affordable, competitive and flexible benefits.

We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve.

Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Job Description: This job is responsible for defining and leading the engineering approach for complex features to deliver significant business outcomes. Key responsibilities of the job include delivering complex features and technology, enabling development efficiencies, providing technical thought leadership based on conducting multiple software implementations, and applying both depth and breadth in a number of technical competencies. Additionally, this job is accountable for end-to-end solution design and delivery.

Job Profile Summary:

Global Markets GenAI Technology is a fast-growing global team with locations in New York City, Charlotte, London, and India. Generative AI presents an exciting opportunity to derive valuable insights from data and drive revenue growth, efficiencies, and improved business processes. Global Markets GenAI Technology will collaborate with Global Markets Sales & Trading, Quantitative Strategies & Data Group (QSDG) & Platform teams to the design and buildout global generative AI platform.

The platform will cater to a rapidly growing number of use cases that harness the power of Generative AI. Both proprietary and open-source Large Language Models, and large structured and un-structured data sets will be leveraged to produce insights for Global Markets and its clients.

Responsibilities:

Ensures that the design and engineering approach for complex features are consistent with the larger portfolio solution
Define the technology tool stack for the solution and evaluate and adapt new testing tool/framework/practices for team(s)
Enables team(s)/applications with Continuous Integration/Continuous Development (CI/CD) capabilities and engages with other technical stakeholders pertaining to efficient functioning of CI-CD pipeline
Guides and influences team(s) on design and best practices for high code performance –e.g. pairing, code reviews
Provides end-to-end delivery of complex features, including automation, for either a single team or multiple teams, at the program level
Conducts research, design prototyping and other exploration activities such as evaluating new toolsets and components for release management, CI/CD, and features
Works with stakeholders to establish high-level solution needs and with architects for technical requirements
Define and implement the security architecture for the GenAI platform
Design and enforce identity and access control models
Establish secure API and tool invocation patterns
Define and implement AI guardrails and safety controls
Lead threat modeling and risk assessment for GenAI systems
Design and enforce RAG and data security controls

Required Qualifications:

8+ years in cybersecurity, security architecture, or platform security engineering
Strong expertise in:
- Identity and access management (IAM), OAuth2, mTLS
- API security, gateway enforcement, and zero-trust design
- Threat modeling and risk assessment
Proven experience designing and securing:
- Distributed, cloud-native platforms
- Multi-tenant systems with strict data access controls
Strong understanding of:
- Data protection, encryption, and access control principles
- Auditability, logging, and compliance frameworks
Familiarity with:
- Observability and detection engineering (SIEM, anomaly detection)
- Attack vectors and security risks in modern application architectures

Desired Qualifications:

Experience with GenAI / AI/ML security, including:
- Prompt injection and adversarial attacks
- Data leakage and model misuse risks
- Guardrails and safety evaluation frameworks
Experience securing:
- RAG architectures, vector databases, and retrieval pipelines
- Agent-based or multi-agent systems
Experience in regulated environments (financial services strongly preferred)
Familiarity with:
- OWASP LLM / agentic security risks
- Model governance, lineage, and compliance metadata

Skills:

Automation
Influence
Result Orientation
Stakeholder Management
Technical Strategy Development
Application Development
Architecture
Business Acumen
Risk Management
Solution Design
Agile Practices
Analytical Thinking
Collaboration
Data Management
Solution Delivery Process

Minimum Education Requirements: Bachelor Degree or Equivalent Professional Experience

Shift:

1st shift (United States of America)

**Hours Per Week: **

Pay Transparency details

US - NY - New York - 1100 Ave Of The Americas - Two Bryant Park (NY1540)

Pay and benefits information

Pay range

$122,000.00 - $200,000.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.