Third Party Cyber Risk Assessor

Job Description:

Job Title: Third Party Cyber Risk Assessor

Corporate Title: Up to Vice President

Location: Dublin

Company Overview:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.  Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference.

Location Overview:

Our Central Park office in Leopardstown, boasts modern facilities based in Dublin’s premium business park. With an onsite gym and staff restaurant, all your daily needs are conveniently catered for. Travel options include the LUAS network and the Central Park shuttle service between Dublin City Centre and Central Park. We also provide tax saver tickets as part of our award-winning benefits package, which means getting to work has never been so easy.

Role Description:

In this role, you’ll conduct security reviews of third-party vendors, including pre-assessment, assessment, and remediation activities. Your work directly supports our commitment to safeguarding the Banks’ services. This role requires travel at least 50% of time. Applicants must be eligible to travel within EMEA.

Responsibilities

• As a Third-Party Cyber Risk Assessor, you’ll play a crucial role in ensuring the security of our third-party vendors.  Your responsibilities will include:

• Validating assessment scope.

• Partnering with vendor managers and third parties to answer detailed

• questions.

• Preparing them for assessment.

• Collecting and reviewing documentation.

• Evaluate a third party’s information security risk with a holistic lens.

• Identifying and discussing any information security gaps in the service provider's program with the third party.

• Determining if appropriate information security controls are in place.

• Escalating security issues or risks identified during the assessment.

• Completing assessment work papers.

• Produce assessment summary reports detailing the gaps identified and the potential impact and recommendations for mitigating the risk.

What we are looking for:

• A broad knowledge of IT, information security and business continuity principles and concepts

• Technical knowledge of a wide range of information security controls and the processes used for evaluating their design and effectiveness.

• A technical background in IT and networks having worked in a technical area and gained a deep understanding of the technology.

• A good understanding of cyber risks and controls and how they relate to current and emerging technologies.

• Critical Thinking skills – Ability to analyse complex security challenges and devise effective solutions.

• Problem Solving abilities– Proactive approach to addressing security issues and vulnerabilities.

• Technology System Assessment – Previous involvement in evaluating third-party systems for security risks.

• Customer and Client Focus – Ability to understand stakeholder needs and provide relevant security guidance.

• An ambassador for Bank of America always presenting a professional demeanour to external parties especially when faced with challenging situations.

• Effective Oral Communication skills – Articulating security findings and recommendations clearly to technical and non-technical audiences

• Vendor Management experience – Coordinating security assessments with external vendors.

• Ability to work independently and able to prioritise conflicting tasks.

• Flexibility and the ability to adapt easily and quickly to new and changed processes Understanding of System Architecture – Awareness of how system architecture impacts security.

• Consulting skills – Providing advice on security best practice.

Benefits of working at Bank of America:

Ireland

• Private healthcare for you and your family plus an annual health screen to help you manage your physical wellness with the option to purchase a screen for your partner.

• Competitive pension plan, life assurance and group income protection cover if you become unable to work as a result of a disability or health reasons.

• 20 days of back-up childcare and 20 days of back-up adult care per annum

• The ability to change your core benefits as well as the option of selecting a variety of flexible benefits to suit your personal circumstances including access to a wellbeing account, travel insurance, critical illness etc.

• Access to an Employee Assistance Program for confidential support and help for everyday matters.

• Access to free counselling through the Employee Assistance Program and virtual GP services through our private health care plan

• Ability to donate to charities of your choice and the bank will match your contribution.

• Opportunity to access our Arts & Culture corporate membership program and receive discounted entry to some of Ireland’s most iconic cultural institutions and exhibitions.

• Opportunity to give back to your community, develop new skills and work with new groups of people by volunteering in your local community.

Bank of America

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunity employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependents, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.