Back to search results

Risk Oversight Lead

Denver, Colorado;

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:

Functional lead for the Risk Oversight team within Bank of America’s Global Information Security (GIS) Planning, Controls and Governance team, specifically in the External Engagement & Risk Governance group. You will be responsible for the oversight, participation and successful completion of GIS Risk/Issues Management activities, Audit reviews, Global Compliance and Operational Risk (GCOR) engagements, and regulatory requests. You will work closely with cross functional teams, GIS Divisional leads, Subject Matter Experts, Senior Leadership Teams (SLT) and Risk partners and will be accountable for driving effective oversight of Issues Management deliverables and Audit/GCOR engagements leveraging expertise in information security frameworks, standards, policies, controls, laws, rules, and regulations. You will provide support and guidance to GIS risk stakeholders navigating these activities by coordinating efforts to mitigate/remediate information security risks, and by providing critical reporting of Risk/Issues/Audit/GCOR activities to GIS SLT and Risk stakeholders.


  • Serving as Ops Lead for Risk Oversight team day-to-day activities and overseeing the team’s strategic planning and execution.
  • Day-to-day functional lead for the Issues Management portfolio team which includes helping to facilitate team member goal-setting and performance review activities
  • Engaging with senior leaders and representing the Risk Oversight team in both internal GIS and external forums and working groups
  • Developing and managing key partnerships across GIS.
  • Supporting risk and issues management, governance, and improvement of GIS functions’ understanding of these activities.

The goals of the position will be :                                                                                                          

  • Centrally manage Risk/Issues/Audit/GCOR engagements inclusive of tracking, oversight, and reporting of associated deliverables
  • Coordinate Risk Oversight team day-to-day activities, assuring full coverage of all GIS Divisions by managing team alignments and workloads
  • Develop and maintain critical partnerships with external control partners (GT Risk, QA teams, Audit, GCOR, etc.)
  • Navigating GIS Risk & Issues stakeholders through Issues/Audit/GCOR activities from end-to-end
  • Understanding various points of engagement and supports teams in responding to Audit/GCOR requests
  • Identifying and escalating risks within the vertical team, and driving effective oversight of GIS Risk/Issue commitments   
  • Providing horizontal oversight on Audit/GCOR responses to drive consistency in responses

Required Skills:

  • Cyber security or information security domain knowledge
  • 8+ year of risk management experience (Regulatory, Operational Risk, Compliance) with proven ability to effectively apply risk principles to complex business situations
  • Experience presenting to senior leaders and proficiency in constructing executive level reporting
  • Experience working on Issues and/or MRAs, Consent Orders or Regulatory Deliverables
  • Self starter, highly organized, excellent time management skills and ability to juggle multiple, competing priorities
  • Exhibit strong relationship management and interpersonal skills
  • Influence horizontally and vertically across the organization and diverse audiences with varying degrees of technical understanding

Enterprise Overview:

This job is responsible for leading a key function driving enterprise-wide information security policies, procedures, and standards in support the policy governance lifecycle. Key responsibilities include applying knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies. Job expectations include providing oversight and alignment of processes, and, controls to requirements, identifying gaps in coverage, and, reporting on adherence to the Information Security Policy.


1st shift (United States of America)

Hours Per Week: 


Learn more about this role

Full time


Manages People: No

Travel: No

Colorado pay and benefits information

Colorado pay range:

$139,000 - $180,300 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.


This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.