Cyber Security Third Party Remediation Assessor

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

The Third Party Remediation Assessor is responsible for executing information security assessment remediation with the bank's third parties. In this role, you will manage the third party's progress throughout the remediation lifecycle, as you work to address their information security gaps.

Additionally, you will be expected to maintain clear and consistent communication between the bank, the vendor, and the LOB vendor management community regarding the assessment's status, updates, completion, and any escalations that may be required.

Previous information technology/security audit/assessment experience is strongly preferred. Attention to detail, analytical skills, ability to multi-task, and ability to work both independently as well as part of a due diligence team are also required. Must be able to plan, execute and document assessment remediation activities following established processes and procedures.

Five to seven years' experience in information security required. CISSP, CRISC, or CISA recommended.

Required Qualifications:

• Broad knowledge of information security principles and risk frameworks
• Required to interact extensively with internal and external stakeholders/management to identify, analyze, escalate, and resolve security findings
• Highly organized with ability to plan and direct business activities to achieve business outcomes
• Must be comfortable delivering messages across a broad spectrum of partners with varying degrees of technical knowledge
• Strong analytical skills, problem solving skills, conceptual thinking
• Strong project management and independent portfolio management
• Advanced proficiency with Microsoft Excel
• Ability to work independently and track initiatives
• Experience working with global and/or virtual teams

Desired Qualifications:

• Understanding of network security threats, industry framework controls (CIS and NIST), and BAC Policies and Standards framework
• Experience with information security, cloud, business continuity, data transmission, encryption, privacy domains
• Experience supporting regulatory or sector policy initiatives
• Experience with assessments based on relevant threat intelligence (Pen Testing, Red Teaming, etc.)
• Ability to work with technical and non-technical business owners

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:
1st shift (United States of America)

Hours Per Week:
40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540), US - NJ - Jersey City - 101 Hudson St - 101 Hudson (NJ2101)

Pay and benefits information

Pay range

$98,200.00 - $146,600.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.