Sr. Business Information Security Officer

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Front Line Units (FLU) / CIO executives. In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls.

Scale/Scope
• Contribute to the ongoing information security initiatives and improvements development, implementation and maintenance of information security for FLU/Ops
• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for FLU/Ops
• Aligned to Fraud Authentication , Financial Center, and Automated Teller Machines channel segments to drive a security strategy and to ensure appropriate security by design requirements execution
• Provides guidance and advocacy regarding the prioritization of investments that impact information security
• Advises management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Monitors information security trends internal and external to the bank and keeps leadership informed
• Manages quality control and reporting
• Ensures compliance with policies and laws

Required Skills
• Information Security & Technology professional with 10+ years' experience
• 7+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
• Subject matter expertise in application security, vulnerability testing and development of risk appetite
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS)
• Experience evaluating third party information security control and providing guidance to reduce risk on identify observations
• Experience with information security for No SQL, Big Data , and unstructured data stores (Cassandra, Hadoop, and /or Teradata)
• Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security application security controls
• Exceptional executive presentation and communication skills
• Excellent influencing and problem resolution skills
• Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding