girl looking into her desktop
Back to search results

Cyber Security Third Party Assessment Manager

Denver, Colorado;

Job Description:

Are you passionate about working with the best information security team in the world?  Bank of America is hiring top talent to join our innovative and forward thinking team.

What We Do:

At Bank of America, we handle the finances of over 67 million client relationships every day, including helping them save, borrow, and invest for today and for their future.  We stand by our clients each and every day giving them the power to realize their personal financial goals and help make their financial lives better. 

The Global Information Security organization is responsible for protecting bank information systems, confidential and proprietary data, and customer information. The team:

  • Develops the bank’s Information security strategy and policy
  • Manages the Information security program and identifies and addresses vulnerabilities
  • Develops, deploys and manages a risk-based controls portfolio
  • Manages and operates a global security operations center that monitors, detects and responds to cybersecurity incidents

What We’re Looking For:

We’re looking for the next generation of Cyber security experts – those with a passion for growing a long-term career, building relationships and working with a team of innovative and forward thinking information security professionals.  Our cyber team is meant for those looking to make a real impact and build a career in information security.  The role is ideal for those who have a passion to work with industry leaders to protect our brand and the customer/client experience by proactively detecting, disrupting, and mitigating cyber security across the organization.

What You’ll Get:

From day one, you’ll receive training including hands-on practice, personalized coaching and dedicated support throughout your on-boarding experience.  With demonstrated success, you’ll have the opportunity to advance into many different roles with Global Information Security – with unlimited opportunity to grow throughout your career.  You will be supported with dedicated programs, tools, and resources throughout your career journey.

We’ll help you:

•Build a successful career at Bank of America through world-class training and on-boarding programs that set you up for success

•Grow in your current role through one-on-one coaching from managers who are invested in your success and training programs that help you excel, build new skills or take on additional responsibility

•Continuously learn and advance your career goals through intentional career paths to the next best role

•Use resources and innovative technologies to optimize the client experience

•Expand your business knowledge and network by partnering with experts in Global Information Security, Global Technology and other lines of business

•Become an expert in what you do

What you can look forward to:

•Ongoing professional development to deepen your skills and optimize your expertise as the industry evolves and changes

•Resources and dedicated support to help you reach your full potential throughout your career

•A benefits program designed to meet the diverse needs of our employees at every stage of their life and help them plan for tomorrow

•Progressive workplace practices and initiatives that promote inclusion

We’re a culture that:

•Believes in responsible growth and has a proven dedication to supporting the communities we serve.

•Provides continuous training and developmental opportunities to help people achieve their goals, whatever their background or experience.

•Believes diversity makes us stronger, so we can reflect, connect to and meet the diverse needs of our clients and customers around the world.

•Is committed to advancing our tools, technology, and ways of working. We always put our clients first to meet their evolving needs.

The Third Party Assessment Manager is responsible for overseeing a team of assessors responsible for executing information security assessments with the bank's third parties located within the United States, LATAM and Canada. In this role, you will provide tactical support to a team of assessors and ensure flawless execution throughout the assessment lifecycle.  Additionally, you will be expected to maintain clear and consistent communication between their team and the LOB vendor management community regarding their assessments, as well as handle any escalation that may arise. 

Additional tasks include: 
•    Identification of process optimization opportunities, including technology and work flow enhancements 
•    Work across the assessment vertical to ensure the assessment process is aligned to meet TPIS assessment procedures 
•    Assist with resource planning to ensure the program has the necessary resources to effectively execute their assessments. 
•    Stay aware of emerging cybersecurity trends and help determine if/when to integrate item into the assessment program. 
•    Support inquiries into the programs operations and/or assessment results from internal risk and support partners from GIS and the LOBs 
•    Previous information technology/security audit/assessment experience preferred. 
•    Strong attention to detail, analytical skills, ability to multi-task, and ability to work both independently as well as part of a due diligence team are also required. 
•    Must be able to plan, execute and document assessment activities following established processes and procedures. 
•    Five to seven years’ experience in information security required. 
•    CISSP, CRISC, or CISA recommended. 

Required Skills: 
•    Experience communicating to Sr. Management level management 
•    Experience working within the risk framework to remediate 
•    Strong people management skills 
•    Ability to work independently on initiatives with little oversight.  
•    Motivated and willing to learn. 
•    Strong analytical skills/problem solving/conceptual thinking. 
•    Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding 
•    Ability to direct personnel towards a set of goals and hold them accountable. 
•    Experience developing and implementing new processes/procedures 
•    Experience working with global and/or virtual teams 

Desired Skills: 
•    Bachelor's degree in Information Technology or related field 
•    Ability to work with Technical and Non-Technical business owners, Information Security, Sourcing/ Vendor Management, Business Continuity & recovery, Data Transmission, Privacy Experience supporting regulatory or sector policy initiatives. 
•    Experience with assessments based on relevant threat intelligence (network penetration testing, Red Teaming, etc.)
 

Enterprise Job Description: Manages teams working closely with line of business leaders, to inform security risk-based decisions.  Leverages deep understanding of the business and strong business acumen to provide information security expertise to key stakeholders. Possesses extensive technical or functional knowledge in third party risk management, information security, business continuity, and governance. Partners with business leaders, key stakeholders, third parties, and/or external parties to inform security risk-based decisions.  Typically has over 5 years of relevant experience including managing teams.

Job Band:

H5

Shift: 

1st shift (United States of America)

Hours Per Week:

40

Weekly Schedule:

Referral Bonus Amount:

0

Job Description:

Are you passionate about working with the best information security team in the world?  Bank of America is hiring top talent to join our innovative and forward thinking team.

What We Do:

At Bank of America, we handle the finances of over 67 million client relationships every day, including helping them save, borrow, and invest for today and for their future.  We stand by our clients each and every day giving them the power to realize their personal financial goals and help make their financial lives better. 

The Global Information Security organization is responsible for protecting bank information systems, confidential and proprietary data, and customer information. The team:

  • Develops the bank’s Information security strategy and policy
  • Manages the Information security program and identifies and addresses vulnerabilities
  • Develops, deploys and manages a risk-based controls portfolio
  • Manages and operates a global security operations center that monitors, detects and responds to cybersecurity incidents

What We’re Looking For:

We’re looking for the next generation of Cyber security experts – those with a passion for growing a long-term career, building relationships and working with a team of innovative and forward thinking information security professionals.  Our cyber team is meant for those looking to make a real impact and build a career in information security.  The role is ideal for those who have a passion to work with industry leaders to protect our brand and the customer/client experience by proactively detecting, disrupting, and mitigating cyber security across the organization.

What You’ll Get:

From day one, you’ll receive training including hands-on practice, personalized coaching and dedicated support throughout your on-boarding experience.  With demonstrated success, you’ll have the opportunity to advance into many different roles with Global Information Security – with unlimited opportunity to grow throughout your career.  You will be supported with dedicated programs, tools, and resources throughout your career journey.

We’ll help you:

•Build a successful career at Bank of America through world-class training and on-boarding programs that set you up for success

•Grow in your current role through one-on-one coaching from managers who are invested in your success and training programs that help you excel, build new skills or take on additional responsibility

•Continuously learn and advance your career goals through intentional career paths to the next best role

•Use resources and innovative technologies to optimize the client experience

•Expand your business knowledge and network by partnering with experts in Global Information Security, Global Technology and other lines of business

•Become an expert in what you do

What you can look forward to:

•Ongoing professional development to deepen your skills and optimize your expertise as the industry evolves and changes

•Resources and dedicated support to help you reach your full potential throughout your career

•A benefits program designed to meet the diverse needs of our employees at every stage of their life and help them plan for tomorrow

•Progressive workplace practices and initiatives that promote inclusion

We’re a culture that:

•Believes in responsible growth and has a proven dedication to supporting the communities we serve.

•Provides continuous training and developmental opportunities to help people achieve their goals, whatever their background or experience.

•Believes diversity makes us stronger, so we can reflect, connect to and meet the diverse needs of our clients and customers around the world.

•Is committed to advancing our tools, technology, and ways of working. We always put our clients first to meet their evolving needs.

The Third Party Assessment Manager is responsible for overseeing a team of assessors responsible for executing information security assessments with the bank's third parties located within the United States, LATAM and Canada. In this role, you will provide tactical support to a team of assessors and ensure flawless execution throughout the assessment lifecycle.  Additionally, you will be expected to maintain clear and consistent communication between their team and the LOB vendor management community regarding their assessments, as well as handle any escalation that may arise. 

Additional tasks include: 
•    Identification of process optimization opportunities, including technology and work flow enhancements 
•    Work across the assessment vertical to ensure the assessment process is aligned to meet TPIS assessment procedures 
•    Assist with resource planning to ensure the program has the necessary resources to effectively execute their assessments. 
•    Stay aware of emerging cybersecurity trends and help determine if/when to integrate item into the assessment program. 
•    Support inquiries into the programs operations and/or assessment results from internal risk and support partners from GIS and the LOBs 
•    Previous information technology/security audit/assessment experience preferred. 
•    Strong attention to detail, analytical skills, ability to multi-task, and ability to work both independently as well as part of a due diligence team are also required. 
•    Must be able to plan, execute and document assessment activities following established processes and procedures. 
•    Five to seven years’ experience in information security required. 
•    CISSP, CRISC, or CISA recommended. 

Required Skills: 
•    Experience communicating to Sr. Management level management 
•    Experience working within the risk framework to remediate 
•    Strong people management skills 
•    Ability to work independently on initiatives with little oversight.  
•    Motivated and willing to learn. 
•    Strong analytical skills/problem solving/conceptual thinking. 
•    Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding 
•    Ability to direct personnel towards a set of goals and hold them accountable. 
•    Experience developing and implementing new processes/procedures 
•    Experience working with global and/or virtual teams 

Desired Skills: 
•    Bachelor's degree in Information Technology or related field 
•    Ability to work with Technical and Non-Technical business owners, Information Security, Sourcing/ Vendor Management, Business Continuity & recovery, Data Transmission, Privacy Experience supporting regulatory or sector policy initiatives. 
•    Experience with assessments based on relevant threat intelligence (network penetration testing, Red Teaming, etc.)
 

Enterprise Job Description: Manages teams working closely with line of business leaders, to inform security risk-based decisions.  Leverages deep understanding of the business and strong business acumen to provide information security expertise to key stakeholders. Possesses extensive technical or functional knowledge in third party risk management, information security, business continuity, and governance. Partners with business leaders, key stakeholders, third parties, and/or external parties to inform security risk-based decisions.  Typically has over 5 years of relevant experience including managing teams.

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Learn more about this role

Full time

JR-22046439

Band: H5

Manages People: Yes

Travel: No

Manager:

Talent Acquisition Contact:

Stuart Collier

Referral Bonus:

0

Colorado pay and benefits information

Colorado pay range:

$121,200 - $138,300 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.