Back to search results

Compliance and Operational Risk Manager (Security Log Management)

Charlotte, North Carolina;

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Role Responsibilities:

The Compliance and Operational Risk (C&OR) Manager is responsible for engaging in activities to provide independent compliance and operational risk oversight of Front Line Unit or Control Function (FLU/CF) performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy, the Operational Risk Management - Enterprise Policy (collectively the Policies) and the Compliance and Operational Risk Management (CORM) Program and Standard Operating Procedures (SOPs).

As a member of an FLU or CF C&OR officer team, the C&OR Manager is accountable for proactive identification, management and escalation of compliance and operational risks through the execution of some or all of the below identified activities. This role exercises judgment and influence, and may constructively challenge FLU and CF leaders to support the CORM Program objectives, balancing business strategy with appropriate controls.

Logging and Monitoring SME
The logging and monitoring SME performs technical deep dives and targeted assessment on Global Information Security’s ability to detect anomalous/malicious activity through proper use case development, logging and monitoring. This role analyzes the use case construction,  technical nuances in log data to ensure effectiveness in detection, alert lifecycle maintenance and fidelity of alerting. 

Required Skills:

  • 8+ years of experience with cyber security policies, processes and practices

  • 4+ years of experience with enterprise security log management 

  • Very strong knowledge of network, application and host logging

  • Very strong knowledge of Security Information and Event Management (SIEM) analysis, monitoring and alerting

  • Understanding of deployment, configuration, and maintenance of log agents across UNIX and Windows platforms

  • Knowledge of regular expression, scripting, and application development languages

  • Knowledge of alert lifecycle management 

  • Understanding of cyber security risk management frameworks and models

  • Understanding of security compliance and operational risk management           

  • Ability to assess security controls and determine gaps in control coverage

  • Ability to effectively communicate residual risk point of view to senior stakeholders                                                                                        

  • CISSP, CISM or CRISC or equivalent required 

Desired Skills:

Technical degree


1st shift (United States of America)

Hours Per Week: 


Learn more about this role

Full time


Manages People: No

Travel: No

Jersey City pay and benefits information

Jersey City pay range:

$94,300 - $188,100 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.


This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.