Identity & Access Management Lifecycle Governance & Controls Services Analyst

Posted:
9/10/2024, 8:42:34 AM

Location(s):
Colorado, United States ⋅ Illinois, United States ⋅ Denver, Colorado, United States ⋅ Chicago, Illinois, United States ⋅ Washington, United States

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Position Summary

Global Technology delivers technology services globally across the bank’s eight lines of business that serve individuals, companies, and institutions. The team also focuses on digital banking, payments, infrastructure, data management and technology that enhances cyber security, and risk and capital management. Innovation is at the heart of all Global Technology does. Good conduct and sound judgment are crucial to our long-term success. It’s important that all employees in the organization understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

What you can expect in Identity & Access Management:

In today’s highly connected world, managing and securing the identity of users is essential to the safety and success of our workforce. The Identity & Access Management team works within Global Information Services (GIS) and in close participation with all other LOB teams as well as second and third line of defense partners.

This role is highly visible and requires frequent interaction with senior management and key stakeholders. Are you passionate about the latest IT technologies and thrive in a fast-paced international environment? In a typical day, you may work with other team members on the book of work, operational concerns, or risk items. You will help overcome obstacles and maintain good relationships with key stakeholders across The Bank to ensure timely and effective delivery. We offer you the opportunity to collaborate with passionate competent people, experts in their field. We thrive on being challenged and everything we do is anchored in managing risk for The Bank.

The Identity & Access Management Information Security Controls Specialist will analyze, strengthen, and secure the company's related systems and overall security posture for identity and resource lifecycle governance. This role focuses on collaboration across all Lines of Business, CIO teams, to continuously improve the organization's adherence to security best practices, laws/rules/regulations, and policies. The Control Specialist will analyze technology, controls and various other areas to identify inefficiencies and drive designing of improvement opportunities to enable adherence.

The role also will actively apply knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, and report on adherence to policy requirements. Job expectations include using data analytics and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.

Responsibilities:

  • Primarily responsible includes assisting identity and access management leads and partners along with other technology SMEs to ensure that strategic and effective solutions are adopted across the bank.

  • Support leads to ensure that all identity and access management related IAM requirements are appropriately measured, reported, and governed.

  • Establish and maintain strong partnership with other Global Information Security functions, Core Technology Infrastructure, Cyber Security Technology, Third Party management, Global Compliance and Operations Risk, internal audit, and regulatory agencies.

  • Clearly articulate rationale and methods behind proposed changes through informative materials for educating others.

  • Provide education and documentation to team members and technology partners regarding the proposed changes.

  • Engage senior management to provide factual, transparent, and timely reporting on existing and emerging identity and authentication risks.

  • Ensures Information Technology systems meet enterprise standards, adhere to applicable rules, laws, and regulations, and comply with appropriate treatment of risk.

Required Qualifications:

  • Knowledge and understanding of Identity and Access Management specific laws, rules, regulations, and Guidelines such as SOX, OCC, NIST, ISO/EC, FFIEC within the financial services sector.

  • Knowledge of identity and authentication methodologies, techniques, and technologies.

  • Knowledge of Identity and Access Management Governance Administration related tools which support, vaulting, integration with service management tool would be an advantage.

  • 5+ years relevant hands-on experience in identity and authentication fields in a large and complex organization.

  • Security knowledge which covers core technology infrastructure (Account management, servers, databases, etc.) identity management and application security practice.

  • Experience with Linux, Windows, Cloud Identity, Access Management, design and architecture of authentication services or Identity Store.

  • Proficient in articulating facts and data-driven plans and ability to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to relevant Identity and Authentication requirement within IAM standards.

  • Strong attention to detail and advanced analytical skills.

  • Excellent communication and presentation skills.

  • Excellent organizational skills and be able to effectively prioritize multiple tasks.

  • Hands on experience and involvement in large and complex projects.

  • Proficient in data management which includes strong data analytical capabilities with advanced understanding of the collection and management of metadata.

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift:

1st shift (United States of America)

Hours Per Week: 

40