Senior Information Security Architect

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

The Senior Information Security Architect will be a member of the Business Information Security Officer's (BISO) - Secure Solutions Design team and work closely with the line of business technical and project teams to deliver strategic projects.

The role participates and guides the development of a system architectures and conducts security and business information flow studies. Provides integrated systems reviews and recommends new or different technologies that will enhance current system security and support overall corporate and business goals. Conduct system architecture security studies of new and existing IT systems to ensure systems operate within Bank of America’s security policies. Recommends design components to secure the system and align with Global Information Security policies and risk tolerance. Interfaces with vendors, consultants, and senior technologists to support the business indicatives and goals.

Serves as a fully seasoned/proficient technical security resource; accountability is for technical and security knowledge and capabilities as a team member or as an individual contributor. Will not have direct reports but will influence and direct activities of a team related to special initiatives or operations. Typically 7 or more years of Information Security and IT experience

Required Skills:

• Expertise in creation and review of technical diagrams of infrastructure and data flow diagram using Visio.
• Expertise in creation of threat models using STRIDE methodology using Microsoft Threat Modeling Tool or comparable tools.
• Experience with various enterprise technology domains such as cloud (Azure, AWS, GCP), networking, cryptography, identity and access management, and virtualization and containers.
• Capable of creating documentation to articulate the results of the system architecture security studies.
• Ability to educate teams on Global Information Security policies and the risks of non-compliance. 
• Strong communications, writing, and presentation skills

Desired Skills:

• Industry recognized Information Security certifications – CISSP, CISM, CRISC, CISA, CCSP, CCSK or any other well recognized vendor specific certifications
• Experience in using other similar threat modeling tools and methodologies.

 This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Pay Transparency details

US - CO - Denver - 1144 15th St (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)

Pay and benefits information

Pay range

$135,600.00 - $202,000.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.