Job Description:At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business and their COOs and their supporting technology teams from the Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls.Scale/Scope:Contribute to the ongoing information security initiatives and improvements development, implementation and maintenance of information security for the line of business (LOB)Possess strong / experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post production and the different risk elements associated with each step.Serves as an Information Security subject matter expert and liaison with GIS teams and participates in the development, implementation and maintenance of information security programs for both the line of business (LOB) and the enterpriseProvides guidance and advocacy regarding the prioritization of LOB investments that impact information securityAdvises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programsMonitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related issuesManages information security control alignment reporting to LOB LeadershipRisk Management:Drives GIS/LOB risk deliverablesCollaborates with risk partners on info security critical prioritiesParticipates in senior LOB specific Risk Management & Business Continuity RoutinesIdentifies and measures global information security (GIS) controls on most critical business processes or channelsLeadership/Strategy:Ability to build strong Partner relationships with peer technology groups and supported LOBSupports the triage process with the client and helps them understand the GIS support structureDrives required risk culture and partnership with peer technology teams and supported LOBParticipates in key CIO operating routines to drive information security risk strategyHas a deep understanding of security across application, bank managed and externally hosted cloud computing platformsHas a solid grasp of security in big data and other instructed large data structuresRequired Skills:2-5 years of experience in technology and 5 + years in information securityMust display subject matter experience in application security, vulnerability testing, system testing, and/or Agile lifecycle managementStrong LOB knowledge/experience for the type of business they are aligned to (e.g..CSBB/GBM)1-2 years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments.Experience giving presentations and superb communication skillsDesired Skills:Bachelor's and/or Master’s degree in Computer Science, Information Technology or related fieldEnterprise Job Description: This job is responsible for supporting Line of Business leaders by balancing the needs of the business while ensuring information security risk is appropriately identified and managed to drive uncompromising cyber security protection. Key responsibilities include applying an understanding of the business and engaging with technology partners, business partners, and Global Information Security teams to provide blended security and business expertise to ensure appropriate management of information security risks.Shift: 1st shift (United States of America)Hours Per Week: 40
