girl looking into her desktop
Back to search results

Third Party Onsite Assessor

Chester, , United Kingdom

Job Description:

Job Title: Third Party Onsite Assessor

Corporate Title: Vice President

Location: Chester

Overview of the Role:

This role requires the incumbent to perform third party information security assessments using the prescribed onsite program.

The onsite assessor will:

  • Perform pre-assessment research of the third party and the associated risk to Bank of America
  • Conduct the assessment with the third party at their site using the agreed assessment questionnaire and procedures
  • Complete assessment work-papers detailing the level of compliance of the third party
  • Write the assessment summary report detailing the gaps identified and the potential impact and recommendations for mitigating the risk.

Additionally, the role requires the incumbent to contribute to projects and initiatives that improves and develops the third party assessment process.

Overview of the Team:

This is a small team of assessors based in the UK (Chester) with responsibility for assessing third parties in the EMEA region. This role will be part of that team reporting to a local Tech Manager.

This requires working with the line of business and the third party directly with connections to the third party assessment teams in the US and APAC.

There is a requirement for the incumbent to keep his/her information security knowledge current through training opportunities such as formal courses, the bank’s internal learning resources and vendor seminars. 

Core Skills:

This role would suit somebody with the following technical abilities:

  • technical knowledge of a wide range of information security controls and the processes used for evaluating their design and effectiveness
  • a technical background in IT and networks having worked in a technical area and gained a deep understanding of the technology
  • a broad knowledge of IT, information security and business continuity principles and concepts
  • a current industry recognised accreditations such as CISSP and CISA (or working towards)
  • a good understanding of cyber risks and controls and how they relate to current and emerging technologies
  • knowledge and experience of industry frameworks such as NIST and ISO  

The role would suit somebody with the following personal qualities:

  • is articulate and concise and able to explain technical concepts to both a technical and non-technical audience at all levels, both verbally and in written work
  • is committed to accuracy and precision
  • contributes to discussions in a positive and helpful manner
  • is naturally inquisitive and keen to understand and learn
  • is analytical in his/her thinking to identify and mitigate risk
  • is supportive and trusting of the team and knows when to escalate or seek additional advice
  • is well organised, able to work independently and able to prioritise conflicting tasks
  • is flexible and able to adapt easily and quickly to new and changed processes
  • is able to challenge the status quo but gets fully behind decisions once they are made
  • is an ambassador for Bank of America always presenting a professional demeanour to external parties especially when faced with challenging situations
  • builds a positive and collaborative relationship with third parties
  • understands the importance of third party risk and sees the role as a great opportunity to apply their internal skills to external third parties to bring them in compliance with Bank of America standards
  • understands the culture of a large financial organisation and puts the requirements of the role before any personal agenda
  • ability to travel up to 5 business days a month if required

Bank of America:

Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates.

In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here.

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.

Job Band:

H5

Shift: 

Hours Per Week:

35

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Job Title: Third Party Onsite Assessor

Corporate Title: Vice President

Location: Chester

Overview of the Role:

This role requires the incumbent to perform third party information security assessments using the prescribed onsite program.

The onsite assessor will:

  • Perform pre-assessment research of the third party and the associated risk to Bank of America
  • Conduct the assessment with the third party at their site using the agreed assessment questionnaire and procedures
  • Complete assessment work-papers detailing the level of compliance of the third party
  • Write the assessment summary report detailing the gaps identified and the potential impact and recommendations for mitigating the risk.

Additionally, the role requires the incumbent to contribute to projects and initiatives that improves and develops the third party assessment process.

Overview of the Team:

This is a small team of assessors based in the UK (Chester) with responsibility for assessing third parties in the EMEA region. This role will be part of that team reporting to a local Tech Manager.

This requires working with the line of business and the third party directly with connections to the third party assessment teams in the US and APAC.

There is a requirement for the incumbent to keep his/her information security knowledge current through training opportunities such as formal courses, the bank’s internal learning resources and vendor seminars. 

Core Skills:

This role would suit somebody with the following technical abilities:

  • technical knowledge of a wide range of information security controls and the processes used for evaluating their design and effectiveness
  • a technical background in IT and networks having worked in a technical area and gained a deep understanding of the technology
  • a broad knowledge of IT, information security and business continuity principles and concepts
  • a current industry recognised accreditations such as CISSP and CISA (or working towards)
  • a good understanding of cyber risks and controls and how they relate to current and emerging technologies
  • knowledge and experience of industry frameworks such as NIST and ISO  

The role would suit somebody with the following personal qualities:

  • is articulate and concise and able to explain technical concepts to both a technical and non-technical audience at all levels, both verbally and in written work
  • is committed to accuracy and precision
  • contributes to discussions in a positive and helpful manner
  • is naturally inquisitive and keen to understand and learn
  • is analytical in his/her thinking to identify and mitigate risk
  • is supportive and trusting of the team and knows when to escalate or seek additional advice
  • is well organised, able to work independently and able to prioritise conflicting tasks
  • is flexible and able to adapt easily and quickly to new and changed processes
  • is able to challenge the status quo but gets fully behind decisions once they are made
  • is an ambassador for Bank of America always presenting a professional demeanour to external parties especially when faced with challenging situations
  • builds a positive and collaborative relationship with third parties
  • understands the importance of third party risk and sees the role as a great opportunity to apply their internal skills to external third parties to bring them in compliance with Bank of America standards
  • understands the culture of a large financial organisation and puts the requirements of the role before any personal agenda
  • ability to travel up to 5 business days a month if required

Bank of America:

Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates.

In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here.

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.

Learn more about this role

Full time

JR-21055876

Band: H5

Manages People:

Manager:

Talent Acquisition Contact:

James Bannerman

Referral Bonus:

0

Street Address

Primary Location:
Herons Way, Chester, CH4 9FE