Back to search results

Global Information Security (GIS) Policy Exception Support Specialist

Chicago, Illinois;

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

This position is a Global Information Security (GIS) Policy Exception Support Specialist on the BISO GIS Exception Management team. In this role, you will primarily be responsible for three main functions within the GIS Policy Exception Management space. 

Key Responsibilities:
1) Define, drive, and deliver major components of GIS Policy Exception Quality Assurance (QA) routines including 
•       Building/enhancing sustainable routines across all GIS Policy Exception types to detect and prevent non-compliance activities
•       Providing weekly non-compliance reporting/metrics
•       Partnering with GIS Metrics team to continuously enhance reporting functionality for Program and LOB trending and analytics

2) Provide Web Proxy (internet) Exception support including 
•     Partnering with Sr. Web Proxy Exception Support and Transformation Lead and other technology SMEs designing the proxy rules and governance routines that improve the firm’s defenses against risks such as DLP and malware by reducing the amount of unrequested access to restricted websites
•     Assisting with researching, engineering, testing, implementing, communicating, and maintaining solutions supporting the Bank’s proxy infrastructure from an exception management/access perspective and designing secure solutions to meet customer/client needs while also reducing risk to the bank
•     Providing level 2 web proxy exception support to impacted employees across the bank, assisting in incident management discussions/bridge lines and providing both tactical and strategic solutions to reduce business impact while providing only the required access to employees to perform their business function                                                   

3) Management of GIS Policy Exception and Privileged Access Toxic Combination process including
•       Building/enhancing routines to manage and sustain process     
•       Obtaining BISO approvals for BRE Exception requests for employees to maintain both sides of the toxic combination 

Required Skills:
•    Experience with data analytics / data science including experience with Alteryx, Tableau and other reporting tools
•    Broad knowledge of Information Security technologies, techniques and processes with deep experience with Insider Threat and Web Proxy Infrastructure 
•    Experience and hands on knowledge with Data Loss Prevention and Malware security controls
•    Experience leading complex technical projects, meeting target timelines, facilitating project meetings, authoring project documentation, issue resolution, and project resource identification
•    Demonstrable ability to self-direct project outcomes, with minimal supervision to achieve program goals
•    Excellent process design capability to improve overall efficiency, mitigate resource conflicts, and improve customer/client experience
•    Exceptional communication and customer support skills
•    Ability to build consensus and cooperation as well as to influence, interact and negotiate with senior leadership in the organization
•    Knowledge of change and project management methodologies and principles and the ability to integrate them into project design

This job will be open and accepting applications for a minimum of seven days from the date it was posted.


1st shift (United States of America)

Hours Per Week: 


Learn more about this role

Full time


Manages People: No

Travel: No

Colorado pay and benefits information

Colorado pay range:

$93,700 - $141,700 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.


This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.