girl looking into her desktop
Back to search results

Risk Engagement Lead Consultant

Addison, Texas;

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Chief Operations Office (COO) function within Global Information Security is responsible for business operations, finance and resource management, performance management and metrics. The COO team is also responsible for development and implementation of an integrated GIS workforce strategy that delivers on future-state resource, location and training goals.

This individual contributor role will support disciplined execution of activities related to issues and exam management.  The role will be primarily responsible for identifying and documenting risks and related mitigation plans as well as validation of evidence to support risk mitigation for all GIS related Audit, Compliance, Ops Risk, Regulatory and/or GIS identified risks, issues, control enhancements and MRAs within defined SLAs. This includes leading and facilitating meetings to debate and understand risks, and drafting clear and articulate issue summaries and mitigation plans to be reviewed by senior and executive management, ensuring evidence is sufficient to warrant closure of an issue, and responding timely to ad hoc inquiries from Risk, Internal Audit and Regulators.  The candidate will be expected to manage a portfolio of risks and issues and understand holistic risks across their assigned area and be able to make determinations on how they may affect other divisions and GIS as a whole. The candidate will be expected to develop and present routine reports and metrics related to the process.  The candidate will also be expected to work with Issue Owners to drive on time remediation and to escalate potential roadblocks that may delay on-time completion.  In addition, the candidate will participate in efficiency projects, execution of strategy and demonstrate an intense desire for personal development.

Required Skills:

  • Cyber security or information security domain knowledge
  • Wide knowledge of computing platforms and solutions
  • Capable of analyzing, simplifying and expressing complex problems
  • Excellent communication skills (presentation and influencer) and ability to synthesize information in order to drive team to results
  • Ability to “connect the dots” for others across multiple data points, make connections upstream/downstream that may not be easily noticeable
  • Ability to work in a highly visible and fast-paced environment, where business needs/priorities may change and path forward is not always black/white
  • Knowledge of project management concepts
  • Desire for obtaining new information or knowledge
  • Self-starter, organized, versatile, and capable of performing work with minimal management oversight
  • Excellent time management skills and ability to juggle multiple, competing priorities
  • A problem solver who can manage through ambiguity successfully
  • Exhibit strong relationship management and interpersonal skills
  • Ability to work through controversial situations
  • Excellent facilitation and presentation skills


Desired Skills:

  • Bachelor's and/or Master’s degree
  • CISSP, CRISC, CISA, CISM certification or similar
  • Prior operational risk or compliance experience in the technology arena
  • Detailed, bank-specific risk management and governance experience.
  • Ability to work with technical and non-technical business owners

Enterprise Role Overview: Evaluates and supports the risk identification documentation, validation, assessment, and/or mitigation processes necessary to ensure that existing and new IT systems meet Enterprise information security requirements and risk appetite. Leverages knowledge of IT platforms, tools and concepts, such as network devices and topologies, servers and systems architectures. Leverages deep knowledge of information security frameworks (ex: NIST, COBIT, ISO), standards, policies, controls, tools, laws, rules, regulations, and/or coordinates efforts to mitigate/remediate information security risks. Works with internal and external stakeholders (ex: LOB delegates, SMEs, regulators). Develops, refines, implements, and/or governs Enterprise-wide information security policies, procedures, and standards, as well as industry-leading information security reporting, risk scoring, and governance for the Enterprise. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Typically has 3-5 years of relevant experience and will be an individual contributor.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Chief Operations Office (COO) function within Global Information Security is responsible for business operations, finance and resource management, performance management and metrics. The COO team is also responsible for development and implementation of an integrated GIS workforce strategy that delivers on future-state resource, location and training goals.

This individual contributor role will support disciplined execution of activities related to issues and exam management.  The role will be primarily responsible for identifying and documenting risks and related mitigation plans as well as validation of evidence to support risk mitigation for all GIS related Audit, Compliance, Ops Risk, Regulatory and/or GIS identified risks, issues, control enhancements and MRAs within defined SLAs. This includes leading and facilitating meetings to debate and understand risks, and drafting clear and articulate issue summaries and mitigation plans to be reviewed by senior and executive management, ensuring evidence is sufficient to warrant closure of an issue, and responding timely to ad hoc inquiries from Risk, Internal Audit and Regulators.  The candidate will be expected to manage a portfolio of risks and issues and understand holistic risks across their assigned area and be able to make determinations on how they may affect other divisions and GIS as a whole. The candidate will be expected to develop and present routine reports and metrics related to the process.  The candidate will also be expected to work with Issue Owners to drive on time remediation and to escalate potential roadblocks that may delay on-time completion.  In addition, the candidate will participate in efficiency projects, execution of strategy and demonstrate an intense desire for personal development.

Required Skills:

  • Cyber security or information security domain knowledge
  • Wide knowledge of computing platforms and solutions
  • Capable of analyzing, simplifying and expressing complex problems
  • Excellent communication skills (presentation and influencer) and ability to synthesize information in order to drive team to results
  • Ability to “connect the dots” for others across multiple data points, make connections upstream/downstream that may not be easily noticeable
  • Ability to work in a highly visible and fast-paced environment, where business needs/priorities may change and path forward is not always black/white
  • Knowledge of project management concepts
  • Desire for obtaining new information or knowledge
  • Self-starter, organized, versatile, and capable of performing work with minimal management oversight
  • Excellent time management skills and ability to juggle multiple, competing priorities
  • A problem solver who can manage through ambiguity successfully
  • Exhibit strong relationship management and interpersonal skills
  • Ability to work through controversial situations
  • Excellent facilitation and presentation skills


Desired Skills:

  • Bachelor's and/or Master’s degree
  • CISSP, CRISC, CISA, CISM certification or similar
  • Prior operational risk or compliance experience in the technology arena
  • Detailed, bank-specific risk management and governance experience.
  • Ability to work with technical and non-technical business owners

Enterprise Role Overview: Evaluates and supports the risk identification documentation, validation, assessment, and/or mitigation processes necessary to ensure that existing and new IT systems meet Enterprise information security requirements and risk appetite. Leverages knowledge of IT platforms, tools and concepts, such as network devices and topologies, servers and systems architectures. Leverages deep knowledge of information security frameworks (ex: NIST, COBIT, ISO), standards, policies, controls, tools, laws, rules, regulations, and/or coordinates efforts to mitigate/remediate information security risks. Works with internal and external stakeholders (ex: LOB delegates, SMEs, regulators). Develops, refines, implements, and/or governs Enterprise-wide information security policies, procedures, and standards, as well as industry-leading information security reporting, risk scoring, and governance for the Enterprise. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives. Typically has 3-5 years of relevant experience and will be an individual contributor.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-21053052

Band: H5

Manages People: No

Travel: Yes, 5% of the time

Manager:

Talent Acquisition Contact:

Michael Geddie

Referral Bonus:

0

Colorado job seekers

Colorado pay range:

$66,300 - $123,500 annualized salary, offers to be negotiated based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.