Job Description Summary and Company Overview

​

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

​

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

​

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

​

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

​

Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation, architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.

​

We are seeking a highly skilled and experienced Senior Cloud Security Product Manager to join our team. In this role, you will be responsible for integrating security controls as code within our cloud platforms. You will work closely with cross-functional teams, including DevOps, software engineering, and IT operations, to design, implement, and maintain robust security solutions that protect our cloud infrastructure from emerging threats.

• Product Vision and Strategy: Define and communicate a clear product vision that aligns with our Cybersecurity, Line of Business and Customer Goals considering market trends and feedback.
• Prioritization & Backlog Refinement: Capture demand, prioritize mitigation of key risks and maintain a backlog to ensure the development team is working on the right things in the right order.
• Compliance & Governance: Demonstrate that our cloud environments comply with internal control requirements and regulatory obligations, with robust reporting and dashboards.
• Advocacy: Communicate the possibilities the Cloud Provides for Cybersecurity vision and roadmap to stakeholders and the team and drive user adoption.
• Collaboration: Work closely with DevOps, engineering, and IT teams to integrate security best practices into CI/CD pipelines, ensuring secure and efficient deployment processes.
• Documentation: Maintain comprehensive documentation of security controls, policies, and procedures for cloud environments.

Experience & Qualifications:

• Experience: Significant experience in Product Management in cybersecurity across multiple domains, with a strong focus on cloud security and integrating controls as code.
• Technical Expertise: Deep knowledge of cloud platforms (AWS, Azure, GCP) and significant experience building and operating cloud-native security tools and services.
• Security Frameworks: Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO) and their application in cloud environments.
• Agile Delivery: Experience working in modern development teams, leveraging agile concepts and frameworks used for planning, refinement, prioritization.
• DevSecOps: Strong understanding of DevSecOps principles and experience integrating security into CI/CD pipelines and operational processes.
• Problem-Solving: Excellent problem-solving skills, with the ability to think critically and adapt to new challenges and communicate insights in simple terms.
• Communication: Strong written and verbal communication skills, with the ability influence at all levels by explain complex security concepts to non-technical stakeholders.
• Certifications: Relevant certifications such as CISSP, CCSP, AWS Solutions Architect; AWS Security Specialty AWS Certified Security; Azure Developer Associate & Azure Security Engineer Associate

​

Skills:

• Planful: Thoughtfully setting, proactively managing, and predictably achieving commitments through strategy, process, communication, and delivery.
• Ownership: Acceptance of full responsibility for delivery outcome – “buck stops here” mentality. And collaboratively addressing problems as they arise.
• Connected: Clear orientation and understanding of where you, your team, your work/priorities join with others in a common goal.
• Consistency: Drive toward and adoption of logical, efficient, and sustainable processes and tools to achieve predictable results.
• Accuracy: Achieving business value (as agreed with key stakeholders and control partners) within defined tolerance across measurable parameters (scope, schedule, cost).

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

​

Shift:

1st shift (United States of America)

​

Hours Per Week: 40

​

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540), US - WA - Seattle - 401 Union St - Rainier Square (WA1510)

​

Pay and benefits information

​

Pay range

$115,800.00 - $215,000.00 annualized salary, offers to be determined based on experience, education and skill set.

​

Discretionary incentive eligible

​

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

​

Benefits

​

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Summary of the Role and Company Overview

​

At eBay, we're more than a global ecommerce leader — we’re changing the way the world shops and sells. Our platform empowers millions of buyers and sellers in more than 190 markets around the world. We’re committed to pushing boundaries and leaving our mark as we reinvent the future of ecommerce for enthusiasts.

​

Our customers are our compass, authenticity thrives, bold ideas are welcome, and everyone can bring their unique selves to work — every day. We're in this together, sustaining the future of our customers, our company, and our planet.

​

Join a team of passionate thinkers, innovators, and dreamers — and help us connect people and build communities to create economic opportunity for all.

​

Prefer to hire in our Austin location for a hybrid schedule, 3 days a week in office, not currently offering full remote work for this role

​

About the team and role:

​

eBay’s Cloud team is on a transformative journey to build a software-defined infrastructure that scales with our business and self-heals. We face unique challenges daily, requiring innovative solutions that ensure our platform's reliability, availability, and efficiency.

​

Our work is essential to eBay's operations, impacting millions of customers who rely on our platform, often as their primary source of income. We offer autonomy, demand expertise, and together, we fulfill our mission.

​

The Cloud Security team at eBay is dedicated to designing, building, and managing critical, scalable security services that protect eBay's infrastructure without hindering developer efficiency. Our approach to innovation is to make security invisible, providing a flawless experience for engineers while fortifying the cloud with zero-trust architecture and layered defense strategies.

• Collaborate with architects and product managers to gather and analyze requirements.
• Author comprehensive software design documents to outline innovative solutions.
• Develop high-quality code with a focus on test-driven development.
• Design, implement, and maintain CI/CD pipelines for efficient software deployment.
• Develop monitoring dashboards and alert systems to ensure service performance.
• Fix and resolve production issues, providing outstanding customer support.

Required Qualifications

​

• M.S. or PhD in Computer Science or a related field, with a minimum of 4+ years of proven experience
• Proficiency in one or more programming languages: Java, Python or Go.
• Proficient in problem-solving, with a strong understanding of data structures and algorithms and a solid foundation in core computer science concepts, including operating systems, security, databases and distributed systems.
• Experience working with both relational and non-relational databases like MySQL, MongoDB
• Experience working in any of Cloud Security Software development like Authentication, Authorization, Access management, Data encryption.
• Authentication and Authorization: OIDC, OAuth, SSO, FIDO, Access management - RBAC, Scope Claim based access, Policy based access
• Kubernetes customization – API Server webhooks, Custom Resource definitions, Controllers and Service mesh technologies like Istio and Envoy.

The pay range for this position at commencement of employment in California, Washington, or New York is expected in the range below.

$126,400 - $195,800

​

Base pay offered may vary depending on multiple individualized factors, including location, skills, and experience. The total compensation package for this position may also include other elements, including a target bonus and restricted stock units (as applicable) in addition to a full range of medical, financial, and/or other benefits (including 401(k) eligibility and various paid time off benefits, such as PTO and parental leave). Details of participation in these benefit plans will be provided if an employee receives an offer of employment.

​

If hired, employees will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

​

Please see the Talent Privacy Notice for information regarding how eBay handles your personal data collected when you use the eBay Careers website or apply for a job with eBay.

​

eBay is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, sexual orientation, gender identity, veteran status, and disability, or other legally protected status. If you have a need that requires accommodation, please contact us at talent@ebay.com. We will make every effort to respond to your request for accommodation as soon as possible. View our accessibility statement to learn more about eBay's commitment to ensuring digital accessibility for people with disabilities.

​

This website uses cookies to enhance your experience. By continuing to browse the site, you agree to our use of cookies. Visit our Privacy Center for more information.

Cloud Cybersecurity

​

Company Overview:

​

Halcyon Days Consulting (HDC) is a veteran owned small business with combined experience in and out of uniform. The HDC team is composed of subject matter experts who specialize in software development, data management and analysis for the DOD, IC, and other government and commercial partners.

​

Benefits

​

HDC believes GREAT teams need GREAT tools!

​

• Health Care - Employer paid medical, dental, vision for the employee and their dependents
• 401K - Employer contributed 3% Safe Harbor, also up to 5% employer match, and 100% vested on hire date
• PTO/Holiday - 160 hours PTO/Sick leave per year, 11 paid holidays per year
• Tuition Assistance - Up to $5250 per year

​

Salary Range:

​

$190,000 - $210,000

​

This salary range is an hourly exempt (exempt from overtime) position. Benefits are provided in addition to the salary range.

​

Clearance Required: TS/SCI

​

Location: Stevensville, MD

​

Description:

​

This is a full-time position and work is performed at a customer location. The Cloud Cybersecurity SME is responsible for conducting threat and risk analysis and analyzing the operational impact of new and existing systems and technologies to eliminate risk, performance, and capacity issues. The Cloud Cybersecurity SME performs research, testing, evaluation, and deployment of security technology and procedures and runs diagnostics on changes to data to verify undetected breaches.

• Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information.
• Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.
• May ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure.
• May respond to computer security breaches and viruses.
• Provides technical/management leadership on major tasks or technology assignments. Establishes goals and plans that meet project objectives.
• Has domain and expert technical knowledge.
• Directs and controls activities for a client, having overall responsibility for financial management, methods, and staffing to ensure that technical requirements are met.
• Interactions involve client negotiations and interfacing with senior management.
• Decision-making and domain knowledge may have a critical impact on overall project implementation.
• May supervise others.

Qualifications Required:

• Minimum experience required: 12 years
• May be substituted for a High School degree and 16 years of experience OR Associates and 14 years of experience.
• Clearance Required: TS/SCI

​

Qualifications Desired:

• Advanced understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
• Hands-on experience analyzing high volumes of logs, network data (e.g., NetFlow, FPC), and other attack artifacts in support of incident investigations.
• Experience with vulnerability scanning solutions.
• Familiarity with the DOD Information Assurance Vulnerability Management Program.
• Proficiency with any of the following: Anti-virus, HIPS, ID/PS, Full Packet Capture, Host-Based Forensics, Network Forensics, and RSA Security.

Halcyon Days Consulting, LLC provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, pregnancy, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

​

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.