Assistant Vice President/Vice President, Info Security Consultant - Design Case Manager, Global Information Security

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Job Description:
The Secure by Design Case Manager, reporting into the APAC Secure Solutions Design (SSD) Lead within the BISO Organization, is assigned to oversee and manage the Secure-by-Design Evaluation (SbDE) requests.

Case managers ensure all required security tests are completed (if in-scope) and documented.

Additionally, Case Managers are responsible for conducting specific BISO-owned tests (e.g., SDR, Access Management Control Review, Third Party Cyber Assurance (TPCA), Remediation Reviews).

Upon successful completion of all artifacts, risk documentation, completion of QA and completion of the SbD Summary Report and Escalation Report, obtaining appropriate approvals (when applicable) the Case Manager closes the Secure by Design Evaluation (SbDE) request.

Responsibilities:

The Case Manager’s responsibilities include:

• Overall management and execution of assigned SbDE requests.
• Central point of contact for CIO stakeholders across the request to efficiently evaluate application development changes, information security events, governance triggered projects and third-party evaluations.
• Ensures completion of required SbDE artifacts according to defined criteria and documentation of findings for associated applications.
• Ensures that Bank of America and third parties continuously develops cyber secure technologies that adhere to internal policies/standards, as well as industry best practices.
• In addition, the team may be asked to provide technical support to the client, management, and lines of business in risk assessments and implementation of appropriate data security procedures and products.

Required Skills:

Minimum 4 years of experience in cyber security or a technology-related field

• Strong project management experience.
• Strong analytical skills/problem solving/critical thinking.
• Able to work with technical and non-technical business owners.
• Able to take ownership of an initiative/issue through completion.
• Able to work in a collaborative environment.
• Able to own and deliver on complex initiatives in a high paced, evolving environment.
• Excellent verbal and written communication skills; Ability to communicate with business leaders, users, and tech-savvy stakeholders.
• Proficient in MS Office (Word, Excel, PowerPoint).
• Ability to work with minimal supervision.

Desired Skills:

• Knowledge/Experience in Application security, Risk assessments, Cloud technologies, GRC (Governance, Risk, and Compliance) and/or third-party management with emphasis on security processes and controls.
• Experience evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc.
• Ability to evaluate technology to ensure cyber-secure development that adheres to internal application policy, standards, and baselines.
• Bachelor’s degree in information technology, information security or related field.
• Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2).