girl looking into her desktop
Back to search results

Information Security Consultant

Camberley, , United Kingdom;

Job Description:

Job Title: Information Security Analyst

LOB: GCOR Cyber Security Risk Management

Corporate Title: VP / SVP

Location: Camberley or Chester

We are currently looking for an Information Security Analyst to join the GCOR (Global Compliance and Operational Risk) Cyber Risk Center of Excellence group. The Information Security Analyst will be responsible for defining the GCOR expectations for the rest of the bank with regard to Infrastructure Security.

In this role, you will be expected to produce and take ownership for the main functions outlined below. In addition you are expected to develop a solid understanding of the business, drive execution, sustain intensity and optimism and live BofA key values and culture. 
 

Responsibilities will include but not limited to: 

Infrastructure Security

The successful SSME will be expected to set clear rules relating to risk appetite within the Infrastructure domain, engage with other SMEs relating to that topic to ensure understanding remains accurate and up-to-date, and will share their knowledge with the wider Cyber GCOR organization and the wider bank through targeted documentation, white papers, knowledge sharing sessions and other mechanisms, as appropriate.  In this role, the private-side status SSME will be documenting technology and/or processes, working with Cyber GCOR, GIS, and other technology partners in the course of governing and overseeing the information security program delivery.

Key Responsibilities

  • Serve as a Senior Subject Matter Expert (SSME) and be available for consultation to provide guidance on complex or unique situations encountered by GCOR groups

  • To understand industry advances in order to be able to identify opportunities or gaps in the risk mitigation relating to, for example, virtualization, networking, mobile, cryptography and other elements of security

  • Responsible for researching and documenting technologies and architecture patterns in order to provide informed and pragmatic challenge on information security practice relating to infrastructure security

  • Be a thought leader for the logical group of infrastructure security SMEs across Cyber GCOR; enable less skilled team members to consume relevant knowledge through the production of documentation, review guides and white papers, in order to help up-skill the wider logical team and to foster consistency of delivery

  • Work on thematic analysis and guidance to ensure a robust end-to-end view of risk relating to infrastructure security

  • To be able to articulate aspects relating to infrastructure security at both high level and low level, and to explain this at relevant leadership forums (Leadership Skills)

  • To be able to discuss/partner with regulators to help shape industry strategy for this topic

The Team:

The GCOR Cybersecurity Risk Management team is built on trust; built through integrity & respect for each other and ultimately by encouraging thought-diversity. The team have a sense of empowerment – both individually and collectively.

With an innate desire to grow and learn the team are comfortable in challenging each other in the context of “Fall Not Fail”. The team is proud of how they build relationships with global clients and peers alike, enabling for full & frank risk lens discussions to help businesses manage risk appropriately, whilst reciprocally & empathetically considering if the information security controls are applied correctly.

Core Skills:

  • Extensive experience in the information security aspects of Infrastructure Security

  • Must have the ability to research and understand complex technology as well as Information Security Industry best practices and associated risks

  • Must have excellent verbal and written communication skills required to convey complex technology to others with different technical backgrounds

  • Solid organizational skills, able to work effectively with minimal guidance

  • Ability to research, analyze, and identify improvements in order to quantify minimum expectations for technology implementations and risk mitigation programs

Other Beneficial Skills:

  • Bachelor's and/or Master’s degree in Computer Science, Information Technology or related field, or equivalent experience (8 years+)

  • Experience would also be of benefit in one or more of the following information security areas:

  • Cryptography

  • Application Security

  • Network Security

  • Security Controls

  • Artificial Intelligence

  • Cyber Defense Strategies

  • Mobile Application Security

  • Cloud Security

  • Other technologies used within the bank, as appropriate

Bank of America

Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates.

In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here.

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.

Job Band:

H4

Shift: 

Hours Per Week:

35

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Job Title: Information Security Analyst

LOB: GCOR Cyber Security Risk Management

Corporate Title: VP / SVP

Location: Camberley or Chester

We are currently looking for an Information Security Analyst to join the GCOR (Global Compliance and Operational Risk) Cyber Risk Center of Excellence group. The Information Security Analyst will be responsible for defining the GCOR expectations for the rest of the bank with regard to Infrastructure Security.

In this role, you will be expected to produce and take ownership for the main functions outlined below. In addition you are expected to develop a solid understanding of the business, drive execution, sustain intensity and optimism and live BofA key values and culture. 
 

Responsibilities will include but not limited to: 

Infrastructure Security

The successful SSME will be expected to set clear rules relating to risk appetite within the Infrastructure domain, engage with other SMEs relating to that topic to ensure understanding remains accurate and up-to-date, and will share their knowledge with the wider Cyber GCOR organization and the wider bank through targeted documentation, white papers, knowledge sharing sessions and other mechanisms, as appropriate.  In this role, the private-side status SSME will be documenting technology and/or processes, working with Cyber GCOR, GIS, and other technology partners in the course of governing and overseeing the information security program delivery.

Key Responsibilities

  • Serve as a Senior Subject Matter Expert (SSME) and be available for consultation to provide guidance on complex or unique situations encountered by GCOR groups

  • To understand industry advances in order to be able to identify opportunities or gaps in the risk mitigation relating to, for example, virtualization, networking, mobile, cryptography and other elements of security

  • Responsible for researching and documenting technologies and architecture patterns in order to provide informed and pragmatic challenge on information security practice relating to infrastructure security

  • Be a thought leader for the logical group of infrastructure security SMEs across Cyber GCOR; enable less skilled team members to consume relevant knowledge through the production of documentation, review guides and white papers, in order to help up-skill the wider logical team and to foster consistency of delivery

  • Work on thematic analysis and guidance to ensure a robust end-to-end view of risk relating to infrastructure security

  • To be able to articulate aspects relating to infrastructure security at both high level and low level, and to explain this at relevant leadership forums (Leadership Skills)

  • To be able to discuss/partner with regulators to help shape industry strategy for this topic

The Team:

The GCOR Cybersecurity Risk Management team is built on trust; built through integrity & respect for each other and ultimately by encouraging thought-diversity. The team have a sense of empowerment – both individually and collectively.

With an innate desire to grow and learn the team are comfortable in challenging each other in the context of “Fall Not Fail”. The team is proud of how they build relationships with global clients and peers alike, enabling for full & frank risk lens discussions to help businesses manage risk appropriately, whilst reciprocally & empathetically considering if the information security controls are applied correctly.

Core Skills:

  • Extensive experience in the information security aspects of Infrastructure Security

  • Must have the ability to research and understand complex technology as well as Information Security Industry best practices and associated risks

  • Must have excellent verbal and written communication skills required to convey complex technology to others with different technical backgrounds

  • Solid organizational skills, able to work effectively with minimal guidance

  • Ability to research, analyze, and identify improvements in order to quantify minimum expectations for technology implementations and risk mitigation programs

Other Beneficial Skills:

  • Bachelor's and/or Master’s degree in Computer Science, Information Technology or related field, or equivalent experience (8 years+)

  • Experience would also be of benefit in one or more of the following information security areas:

  • Cryptography

  • Application Security

  • Network Security

  • Security Controls

  • Artificial Intelligence

  • Cyber Defense Strategies

  • Mobile Application Security

  • Cloud Security

  • Other technologies used within the bank, as appropriate

Bank of America

Every day, across the globe, our employees bring a commitment to our purpose and to driving responsible growth by living our values: deliver together, act responsibly, realize the power of our people and trust the team. A key aspect of driving responsible growth is doing so in a sustainable manner, a critical pillar of which is being a great place to work for our teammates.

In line with these values, in EMEA we have 9 Employee Networks, a wide range of Sports & Social clubs, and other development and networking opportunities so that you can enjoy a range of experiences and connect with colleagues across the bank. We also offer exclusive discounts to some of the most iconic cultural experiences for you to enjoy in your spare time outside of work. Learn more about our benefits here.

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements. As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.

Learn more about this role

Full time

JR-21063552

Band: H4

Manages People:

Manager:

Talent Acquisition Contact:

Gail Danvers

Referral Bonus:

0

Street Address

Primary Location:
STANHOPE RD, Camberley, GU15 3BW
Additional Locations: