Cybersecurity Software Development Life Cycle (SDLC) Sr. Manager

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Job Description:

The Cybersecurity SDLC Sr. Manager will lead the integration of security practices throughout the Software Development Life Cycle (SDLC). This role involves developing and enforcing security policies, managing risk assessments, and ensuring compliance with Application Security Standards. The executive will collaborate with cross-functional teams to implement secure coding practices, policy development, and training and awareness across the stakeholder community. They will also monitor emerging cybersecurity threats and drive continuous improvement initiatives to enhance overall software security. A deep understanding of cybersecurity frameworks and risk management is required. 10+ years of experience is generally required

Required Skills:

• Strategic Leadership: Develop and implement cybersecurity strategies throughout the Software Development Life Cycle (SDLC).
• Risk Management: Identify and mitigate security risks associated with software development and deployment.
• Policy Development: Create and enforce security policies, standards, and guidelines related to SDLC processes.
• Teams Collaboration: Collaborate with development, QA, and operations teams to ensure security best practices are integrated at every stage of the SDLC.
• Training & Awareness: Lead training programs to enhance team awareness of secure coding practices and cybersecurity threats.
• Compliance Oversight: Ensure adherence to industry regulations and compliance standards (e.g., GDPR, HIPAA).
• Continuous Improvement: Monitor and assess the effectiveness of security measures, driving continuous improvement initiatives.
• Stakeholder Engagement: Communicate security risks and strategies to senior management and other stakeholders.
• Technical Expertise: Significant knowledge of cybersecurity threats, controls and technologies, with a deep understanding/experience with software developer experiences

Responsibilities are the stabilization and transformation of the GIS Secure coding work and continued partnership with EET on the future state of Development Pipeline transformation.

• Stability Secure Coding Risk and Issues.
• Establish and execute a clear path forward for executing Secure Coding and SbD Integration.
• Establish long term direction for Secure Coding; Start/Stop/Continue

Shift:

Hours Per Week: