Vulnerability and Compliance Technical Leader

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:

The Vulnerability and Compliance Technical Leader is a key individual contributor, with accountability for researching, designing, engineering, implementing, and supporting information security & directory technology systems (software & hardware). They will utilize in-depth technical knowledge and business requirements to design & implement secure solutions to meet customer / client needs while protecting the Bank's assets. Additionally with develop and implement security standards, procedures, and guidelines for multiple platforms and diverse environment (e.g., client server, distributed, mainframe, etc.). Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results.

Required Skills:

• 10+ years of experience in Information Security
• Subject Matter Expert on Vulnerability Management tools such as Qualys, Tenable, Skybox, and/or Rapid7.
• In-depth knowledge of vulnerability management tools and concepts such as CVEs, QID, Port Scanning.
• In-depth knowledge of authenticated scanning across multiple asset groups and fixing vulnerabilities.
• Strong knowledge of cloud environment scanning and controls.
• Strong analytical skills/problem solving/critical thinking.
• Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
• Ability to work independently on various initiatives with little oversight.
• Motivated and willing to learn.
• Highly effective communication skills
• Strong fundamental understanding of information security principles, risks, and controls.
• Understanding of cyber security operations functions.
• Familiarity with industry standard endpoint tools.
• Experience with enterprise endpoint systems management tools.
• Experience with Data Governance, Model Risk Management and Application Management.
• Industry standard certificates like SANS/CISSP.

Desired Skills:

• Bachelor’s degree in information technology or related field
• Detailed, bank specific access administration knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
• Strong analytical skills/problem solving/conceptual thinking.
• Ability to work with Technical and Non-Technical business owners.
• Assist with internal efficiencies projects and development.

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Enterprise Role Overview:

This job is responsible for leading multiple security engineering efforts that deliver enterprise security capabilities. Key responsibilities include serving as a subject matter expert of security technology and acting as the critical decision maker with regards to technical design and implementation for respective security initiatives. Job expectations include assigning tasks and providing direction to team members, owning tactical decisions, and fostering relationships with clients and stakeholders.

Shift:

Hours Per Week: