Senior Manager, Third Party Information Security Officer

Chicago, United States

Bank of America

What would you like the power to do? At Bank of America, our purpose is to help make financial lives better through the power of every connection.


Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

This job is responsible for managing a team that delivers various components within the third-party information security assessment process. This includes managing assessor productivity, quality, timeliness, and Line of Business related escalations. Key responsibilities include managing a portfolio of assessments to completion while ensuring consistency and quality across the assessments, and developing and sponsoring tactics to achieve strategic objectives across the organization. This includes reducing external party security gaps in partnership with business leaders, key stakeholders, third parties, and/or external parties, and overseeing compliance with security policies.

Job Responsibilities

  • Manages a team of assessors responsible for measuring a third party's information security risk and provides support for escalations

  • Manages team performance through effective recruiting, coaching, training, and performance management activities

  • Ensures proper integration with internal processes, governance standards, and security policies

  • Develops information security strategies to respond to challenges and opportunities and ensures team goals are aligned to these strategies

  • Identifies process optimization opportunities that will address unmet needs and enable technology and workflow enhancements

  • Establishes and maintains effective working relationships with third parties, acting as a point of contact for information security matters, communicating security requirements, and addressing any concerns or issues that arise

         

Required Qualifications:

  • 5 to 7 years’ experience in information security

  • Technical skills include the domains of information security including:

      • Information Security Controls (Infrastructure Security, Access Management, Application Security, etc.)

      • IT Compliance, SOX Compliance

      • Change Management

      • Enterprise Risk Management

  • Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards

  • Strong people management skills

  • Ability to hold people accountable to process, while identifying improvement opportunities, process risks, and solutions.

  • The ability to draw upon past knowledge and experiences to find a solution and define a path of action.

  • The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment.

  • The ability to identify impacted parties, share information, address needs and expectations, and resolve issues when implementing change, to support adoption and delivery of expected outcomes.

  • Experience communicating to Sr. Management level

  • Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.

  • Ability to work independently on initiatives with little oversight

Desired Qualifications:

  • Bachelor’s degree in information technology or related field

  • Ability to work with Technical and Non-Technical business owners

  • Experience with assessments based on relevant threat intelligence (network penetration testing, Red Teaming, etc.).

  • Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA

  • Knowledge of NIST guidelines

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540)

Pay and benefits information

Pay range

$145,800.00 - $211,800.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Tags: Application security CEH CISA CISM CISSP COBIT Compliance Governance ISO 27002 ITIL NIST Pentesting Red team Risk management SDLC Security assessment SOX Threat intelligence

Perks/benefits: Career development Wellness

Region: North America
Country: United States
