Senior Manager, Third Party Information Security Office

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Job Description:
The Global Information Security (GIS) Third Party Cyber Assurance Program team manages the framework for Third Party Cyber Assurance activities. This role will lead a team of analysts who perform the following activities: partnership with Cyber Incident Response Management on Third Party incidents, analysis to determine if the program remains contemporary with the changing threat environment, reporting, data analytics and Third Party vulnerability analysis. This includes identifying, investigating, and remediating cybersecurity threats that are aligned to Third Parties. Proactive engagement across Global Third Party Procurement is also expected

Manages teams working closely with line of business leaders, to inform security risk-based decisions. Leverages deep understanding of the business and strong business acumen to provide information security expertise to key stakeholders. Utilizes experience and deep knowledge of IT platforms, tools and concepts to ensure cybersecurity requirements are integrated into all levels of decision making. Partners with business leaders, key stakeholders, vendors and/or external parties to inform security risk-based decisions. Ensures partners are executing Secure by Design efforts effectively and efficiently.

Required skills:

• 10 years of relevant experience including managing teams.
• Demonstrated leadership skills and ability to make recommendations to revise the program based on Third Party strategic threat landscape analysis
• Should be comfortable working with incomplete facts, be able to quickly rationalize and drive clarity, translate to actionable tasks, and demonstrate tenacity by working assigned tasks through to completion.
• Proficiency with executive-level tracking and reporting
• Have a strong sense of urgency when incidents arise
• Must be comfortable in delivering messages to a wide spectrum of individuals having varying degrees of technical understanding
• Confident and capable written and oral presentation skills
• Strong project management skills
• Completing written reports in compliance with current reporting procedures and policies.
• Ability to work independently with little oversight managing multiple incidents and vulnerabilities simultaneously
• Ability to analyze data to find patterns and make risk based decisions to improve the processes and program
• Must have strong leadership skills and qualities which enable you to work with peers and various levels of management
• A broad knowledge of Third Party computer networking, analysis, information security principles, and adversarial tools and techniques
• Strong analytical skills/problem solving/conceptual thinking
• Able to identify, analyze and address cyber security issues or threats, including emerging tactics or techniques
• Capability to convey a cybersecurity issue or threat
• Ability to resolve issues with minimal negative impact and risk to the organization
• Clear written communication
• Policies, Procedures, and Guidelines
• Problem Solving
• Quality Assurance
• Business Acumen
• Innovative Thinking
• Process Management
• Data and Trend Analysis
• Risk Analytics

Desired skills:

• Bachelor's degree in Information Technology or related field
• Open source Intelligence skills (OSINT)
• Experience in the remediation of information security risks/vulnerabilities
• Ability to work with technical and non-technical individuals

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

Hours Per Week: