Data Loss Prevention Operations Lead - Outbound Email

CO Salary Range: USD 93,700.00 - 142,500.00 per year

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

• Monitor daily DLP detection activity and assess performance, identifying anomalies and escalating as appropriate.
• Maintain and enhance operational playbooks, test plans, and process documentation.
• Provide audit-ready evidence of control adherence and detection rule effectiveness.
• Collaborate with business, technology, and policy teams to validate rule changes and assess operational impacts.
• Analyze trends and metrics to identify risk indicators and drive improvements in rule logic and operational performance.
• Integrate detection rule changes based on business needs, control findings, or incident analysis.
• Provide timely operational insights and recommendations to leadership to support governance and decision-making.
• Provide support for DLP impacting incidents, technical releases and global resources. Time commitment is across time zones, not always within scheduled working hours.
• Contribute to the maturity of the DLP program, including cross-channel alignment and automation opportunities.

• Minimum 5 years of experience in information security, or technology
• Proficient in creating, testing, and optimizing DLP detection rules using regex and Exact Data Match (EDM).
• Strong proficiency in writing Splunk queries and interpreting log data to support investigations and rule tuning.
• In-depth understanding of SMTP routing and email security infrastructure, including how policies and detection tools interact with mail flow.
• Deep understanding of the NIST Cybersecurity Framework and regulatory requirements, including regional restrictions.
• Experience with scripting or automation (e.g., Python, PowerShell, Bash) to support process optimization, alert triage, and reporting.
• Familiarity with workflow automation tools (e.g., ServiceNow Flow Designer, Jira Automation, Microsoft Power Automate).
• Proven ability to communicate complex technical findings to both technical and non-technical audiences.
• Demonstrated problem-solving capabilities and ability to operate independently in a fast-paced, high-pressure environment.
• Relevant certifications: Security+, Network+, CEH, CISSP, CCNA, or CCNP.
• Due to the nature of the role and data access, enrollment in Associate Investment Monitoring may be required.

• Cyber Security
• Data Privacy and Protection
• Problem Solving
• Process Management
• Threat Analysis