Info Security Controls Sr Specialist

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

We have an exciting opportunity for an Info Security Controls Sr Specialist to join our Process and Metrics Excellence organization part of Global Information Security (GIS).
 
The Info Security Controls Sr Specialist reports into the Planning, Controls & Governance (PCG) organization, partnering with business function leaders, operations process owners and subject matter experts (SMEs) to promote a strong risk management culture with a focus on information security risk. The candidate will also actively contribute to the Operational Excellence cultural shift, providing proactive alignment to tactical and strategic projects and programs aligned to GIS while ensuring understanding and consideration of the overall multiyear strategy and roadmap across the space.  
 
We are looking for a strong risk and issues specialist with the right level of experience, ability to challenge and influence stakeholders at all levels in the organization, and with excellent analytical and critical thinking skills. Directly supports the program's strategic direction, transformation efforts, and process driven culture.
 
Responsibilities include, but not limited to:  
•    Lead Cyber Control Oversight program, including assessment of information security controls and supporting Enterprise program expansion
•    Oversee executive issue portfolio to ensure timely deliverables and proactive escalation of risks
•    Facilitate issue to process alignments with Process Owners and Issue Owners
•    Assist with timely coordination and response to Audit, Exam, and Regulatory requests
•    Identify process improvements based on program maturity, challenges and issue remediation
•    Support the program's short-and-long term strategy, while identifying continuous improvements
•    Acts as liaison with Global Technology and Enterprise partners
 
Requirements Skills:
•    8-10 years of related experience or business exposure desired and strong delivery mindset
•    Issue identification, escalation, and reporting experience
•    Strong risk and compliance background, including understanding of Information Security Policy and Standards
•    Aptitude for strategic and critical thinking, with the ability to identify improvement opportunities
•    Data driven and metrics/ results oriented 
•    Excels in working among diverse viewpoints to determine the best path forward
•    Excellent verbal and communications skills 
 
Desired Skills:
•    Knowledge of information security frameworks (NIST 800-53, MITRE, ISO, etc.)
•    Knowledge of Process Inventory and Process Owner Portal (POP)
•    Experience leading successful multi-team projects 
•    Experience coordinating and responding to Regulatory and Audit requests
•    Prior experience in Information Security desirable
•    Believes in the value of diversity so we can reflect, connect, and meet the diverse needs of our clients and employees around the world
•    Critical thinking skills – ability to assess quantitative and qualitative data to identify key themes that require deeper analysis and assessment
•    Creativity – able to look at a problem from a new perspective and to develop new ideas and solutions
•    Commitment to challenging the status quo and promoting positive change
•    Experience working in a global environment  

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

Hours Per Week: