Senior Architect Perimeter & DMZ
Chandler, Arizona
To proceed with your application, you must be at least 18 years of age.
Acknowledge (
Bank ofAmerica employees are required to meet allposting eligibility requirementsprior to applying for any new position.
Acknowledge (
Refer a friend
To proceed with your application, you must be at least 18 years of age.
Acknowledge (
Bank of America employees are required to meet allposting eligibility requirementsprior to applying for any new position.
Acknowledge (
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates' physical, emotional, and financial wellness through affordable, competitive and flexible benefits.
We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve.
Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Job Description:
This job is responsible for defining an architectural vision and solution that supports the strategic outcomes of the Business' Products and Services. Key responsibilities include defining the target operating environment, designing for client resiliency, assisting with solution design, and defining non-functional requirements. Job expectations include working with stakeholders and service providers aligned to the Business' strategic objectives, evaluating the impact of strategic design decisions, and contributing to the architecture roadmap.
Position Summary:
This role leads the network security architecture for perimeter services, external connectivity, and modern DMZ design. It ensures secure exposure of workloads and services across internet, partner, and third-party channels in line with the evolving access patterns and zero trust principles.
Responsibilities:
Works across the business, operations and technology to create the solution intent and architectural vision for complex solutions and prioritize functional and non-functional requirements into a technology backlog to enable the technology roadmap and functionality to support evolving capabilities and services
Contributes to the creation of the architecture roadmap of defined domains (Business, Application, Data, and Technology) in support of the product roadmap and the development of best practices including standardized templates
Clarifies the architecture, assists with system design to support implementation, and provides solution options to resolve any architectural impediments
Facilitates solution driven discussions, leads the design of complex architectures, and finds creative solutions through knowledge of domain, practical experiments, and proof of concepts while ensuring architecture is flexible, modular, and adaptable
Educates team members on the technology practices, standardization strategies, and best practices to create innovative solutions
Supports the team as needed to select the technology stack required for solutions and helps select preferred technology products
Performs design and code reviews to ensure all non-functional requirements are sufficiently met (for example, security, performance, maintainability, scalability, usability, and reliability)
Defines scalable and secure designs for ingress/egress. Internet facing services, B2B integration, and third-party access. The role drives the modernization of perimeter controls including firewalls, proxies, segmentation, and decentralized internet breakout strategies.
Designs secure architecture for inbound and outbound services, including zero trust ingress.
Acts as a design authority across programs involving network segmentation, partner access, and external service hosting.
Develops reusable frameworks to standardize policy enforcement, inspection, and observability
Partners with security, infrastructure, and application teams to embed security into network and perimeter designs.
Provides thought leadership, influences product direction, and ensures adoption of approved patterns.
Acts as mentor to engineering and security teams, embedding "secure by design" principles across delivery
Required Qualifications:
10+ years of progressive infrastructure / network / security engineering experience with 5+ years in architecture or senior technical leadership roles
Must have experience taking ownership of perimeter security and DMZ architectures for large-scale, high-availability enterprise environments
Proven delivery experience in regulated industries (financial services strongly preferred) with strong understanding of audit, risk, and control expectations
Strong experience leading cross-functional initiatives involving Network, Security, App teams, IAM, SRE/Operations, and Governance/Risk/Compliance (GRC)
Deep expertise designing and implementing segmented DMZ and perimeter architectures.
Experience embedding security measures.
Familiarity with threat modeling for internet-facing applications and partner connectivity
Demonstrated ability to create and enforce reference architectures, standards, patterns, and guardrails.
Desired Qualifications:
Hands-on experience with one or more of: Palo Alto, Fortinet, Check Point, Cisco, Juniper SRX F5, HAProxy, NGINX, cloud LBs, Akamai/Cloudflare (WAF/DDoS/CDN), Imperva, API gateways (Apigee, Kong, Mulesoft, AWS API Gateway / Azure APIM) SIEM integrations (Splunk, Sentinel, QRadar)
Security/network certifications such as: CISSP / CCSP (security architecture), PCNSE/CCNP Security, GIAC (e.g., GSEC, GCIA), or equivalent
Skills:
Analytical Thinking
Architecture
Result Orientation
Solution Design
Technical Strategy Development
Application Development
Collaboration
Data Management
DevOps Practices
Risk Management
Agile Practices
Automation
Influence
Solution Delivery Process
Test Engineering
Shift:
1st shift (United States of America)
Hours Per Week:
40
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
View your "Know your Rights ( " poster.
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy ("Policy") establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank's required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.