Contract Negotiator

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:

The Cyber Security Assurance (CSA) function within Global Information Security is responsible for oversight of third-party security programs, including assessing third party security programs and maximizing protections for all aspects of security for the third party landscape.

Responsibilities:

• Individual will be part of Global Information Security providing support for the Cyber Security Assurance team relative to matters pertaining to confidentiality and information protection. 
• Responsibilities include conducting contract reviews and contract negotiations as part of information security due diligence of vendors proposing or selected to provide products/services to Bank of America, including providing alternate contractual terms when third party makes unacceptable changes to the bank's standard information security material terms. The alternate contractual terms or language optimally address the concerns of the third party while maintaining the information security protections the standard terms were designed to accomplish.
• Individual will lead escalation of deviations from the bank's standard information security material terms to senior information security and business leaders.
• Individual must be highly motivated and possess, technical knowledge of a wide range of information security processes required for evaluating their design and effectiveness.  

Required Skills:

• Active license to practice law in at least one state or the District of Columbia.
• Candidates must have at least 3-5 years of relevant experience. (Previous information technology/security audit/assessment experience is a plus.)
• Individual must possess superior written and verbal communication skills including the ability to communicate clearly and concisely to all levels, up to and including executive level management, and explain the need for key controls to technical and non-technical resources.
• Strong attention to detail, analytical skills, ability to multi-task, and ability to work both independently as well as part of a due diligence team are also required.
• Candidates must be able to plan, execute and document assessment due diligence activities following established processes and procedures. 

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Enterprise Role Overview:

This job is responsible for leading major projects, programs, or processes with significant business impact to reduce third party information security risk. Key responsibilities include managing escalations throughout the assessment process and providing comprehensive expertise to key stakeholders pertaining to third party risk management. Job expectations include reducing security gaps in partnership with business leaders, key stakeholders, third parties, and external parties and ensuring compliance with security policies.

Shift:

Hours Per Week: