Sr. Business Information Security Officer – Core Technology Infrastructure

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

The Senior Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will be supporting Core Technology Infrastructure (Core TI) to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls. Additionally, this role will support Core TI strategy and highly visible initiatives.

Scale/Scope
•    Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for Core TI
•    Provides guidance and advocacy regarding the prioritization of Core TI investments that impact information security
•    Engage with Core TI leaders and their teams to raise awareness of policies, standards and process changes that can impact their initiative portfolio 
•    Gain a strong understanding of Core TI initiatives to share with the BISO SLT and their teams
•    Advises Core TI management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
•    Consult on Core TI strategy, design, implementation and migration for technology initiatives: 
•    Assess security opportunities and challenges and partner to determine best future state
•    Influence and drive collaboration across teams 
•    Serve as subject matter expert in BISO process and participate in training and mentoring of new employees
•    Monitors information security trends (internal and external to the bank) and keeps Core TI leadership informed about information security-related issues
•    Serve as the backup for teammates responsible for supporting others 
•    Manages quality control and reporting
•    Ensures compliance with policies and laws

Required Skills
•    Information Security & Technology professional with 10+ years of experience in application development, infrastructure technologies, and/or Information Security
•    5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
•    Subject matter expertise in application security, cloud security, DevSecOps, application architecture, design patterns, vulnerability testing and development of risk appetite
•    Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms, including (Cloud/SaaS/IaaS/PaaS)
•    Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
•    Exceptional executive presentation and communication skills
•    Excellent influencing and problem resolution skills
•    Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
•    Strong leadership skills and qualities which enable you to work with peers and various levels of management

Desired Skills
•    Experience working on cloud implementations in Microsoft Azure, Amazon Web Services and Google Cloud Platform environments
•    Bachelors and/or Master’s degree in Computer Science, Information Technology or related field

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

Hours Per Week: