Info Security Threat Mgmt Specialist

Job Description:

Job Title: Info Security Threat Management Specialist

Corporate Title:  VP

Location:  Dublin

Company Overview:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.  We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth.  This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact.  Join us!

Location Overview:

Our Central Park office in Leopardstown, boasts modern facilities based in Dublin’s premium business park. With an onsite gym and staff restaurant, all your daily needs are conveniently catered for. Travel options include the LUAS network and the Central Park shuttle service between Dublin City Centre and Central Park. We also provide tax saver tickets as part of our award-winning benefits package, which means getting to work has never been so easy.

Role Description:

Global Information Security  is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents.  Within GIS, Identity and Access Management  is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous compliance requirements.

Responsibilities:

•           Assisting Authentication lead and partners with other technology SMEs to ensure that strategic and effectively authentication solutions are adopted across BAC and ensure compliance with IAM Standard.

•           Support IAM Governance leads to ensure that all authentication related IAM requirements are appropriately measured, reported and governed.

•           Appropriately assess identity and authentication related risks when business and technology decisions are made, demonstrating risk management mindset and practices to safeguard BAC’s reputation, its clients, and assets by driving compliance with applicable laws, rules, and regulations, adhering to BAC Policy and Standards.

•           Monitors industry information security and Identify and Authentication trends and engages peer organizations to refine and enhance BAC’s strategy.

•           Apply industry Identity and Authentication best practices, templates, and documentation while also proposing improvements based on practical knowledge.

•           Partner with other Global Information Security (GIS) functions, Core Technology Infrastructure (CTI), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal audit, and regulatory agencies.

•           Influence relevant tools owners to build/implement enhanced Identity and Authentication solutions that are efficient, effective, and modern and able to deliver material risk reduction in sustainable manner.

•           Collaborate with stakeholders to develop Identity and Authentication requirements that iteratively support long term modernization and transformation (covers Process, Data and Technology aspects).

•           Support engagement with Product Managers and Senior Architects to comprehend the strategic Identity and Authentication technology roadmap.

•           Consult with the business to identify gaps and governance issues, leveraging own domain expertise to find effective solutions.

•           Clearly articulate reasons and methods behind proposed changes through informative materials for educating others.

What we are looking for:

•           Knowledge of identity and authentication methodologies, techniques and technologies,familiarity with laws, rules, and regulations within the financial services sector.

•           Understanding and interpreting BAC’s established information security Policy, Standards, Procedure and Guides, and applying this knowledge to related identity and authentication decisions and responses. Serve as the Subject Matter Experts in advising BAC business and technology counterparts on effective ways to achieve or exceed compliance with applicable Policy, Standards, Procedures and Guides.

•           Familiarity with security standards such as NIST, ISO/EC, FFIEC.

•           Knowledge of PAM related tools which support MFA, vaulting, integration with service management tool would be an advantage.

•           Experience in identify and authentication fields in a large and complex organization with deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice.

•           Experience with Linux, Windows, Cloud scale Identity, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of authentication services or Identity Store.

•           Knowledge of authentication platforms and protocols such as Active Directory, LDAP, OIDC, Kerberos.

•           Understanding of Federation platforms or protocols such as Oauth, OpenID, SAML, WS-Fed, etc.

•           Experience with IAM platforms such as Ping Identity, Active Directory OpenLDAP, OpenDJ

•           Proficient in data management which includes strong data analytical capability with advanced understanding of the collection and management of metadata

•           Experience with report automation and aggregation tools (Tableau, Splunk) highly desirable

Skills that will help:

•           Possession of CISSP certification would be an advantage.

•           Knowledge of Compliance Certifications such as SOX, SOC, SOC2.

•           Experience and involvement in large projects

•           Bachelor’s Degree or equivalent work experience

Benefits of working at Bank of America:

Ireland

Private healthcare for you and your family plus an annual health screen to help you manage your physical wellness with the option to purchase a screen for your partner

•           Competitive pension plan, life assurance and group income protection cover if you become unable to work as a result of a disability or health reasons

•           20 days of back-up childcare and 20 days of back-up adult care per annum 

•           The ability to change your core benefits as well as the option of selecting a variety of flexible benefits to suit your personal circumstances including access to a wellbeing account, travel insurance, critical illness etc.

•           Access to an Employee Assistance Program for confidential support and help for everyday matters

•           Access to free counselling through the Employee Assistance Program and virtual GP services through our private health care plan

•           Ability to donate to charities of your choice and the bank will match your contribution

•           Opportunity to access our Arts & Culture corporate membership program and receive discounted entry to some of Ireland’s most iconic cultural institutions and exhibitions.

•           Opportunity to give back to your community, develop new skills and work with new groups of people by volunteering in your local community.

Bank of America:

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunities employer and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity or gender reassignment, marital or civil partner status, race, religion or belief, colour, nationality, ethnic or national origins, membership of the Traveller community, age, sexual orientation, pregnancy or maternity, civil status,  socio-economic background, family status or physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.