Posted:
7/8/2024, 5:00:00 PM
Location(s):
Illinois, United States ⋅ Chicago, Illinois, United States ⋅ Colorado, United States ⋅ Denver, Colorado, United States
Experience Level(s):
Senior
Field(s):
IT & Security
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Security and Solutions Design Program Governance team is seeking an innovative leader to serve as a Senior Central Intake Lead executing on the Business Information Security Office Central Intake Framework within the Secure by Design Evaluation (SBDE) program. This important role stands at the front door of requests for approval from Global Information Security (GIS), and functions as a hub gathering information from enterprise tollgate requests to GIS, enterprise technology data sources, Central Threat Defense Framework routines, and governance evaluations required by GIS Senior Leadership Team. This key team member’s work will require subject matter expertise in the scope of bank enterprise tollgates, understanding of potential information security impact of technical changes (including interpretation of conceptual technology design diagrams), and comfort with communicating concisely with the intent to discover details and ensure that finalized requests provided to GIS contain accurate and consistent information from a variety of sources.
In this role, you’ll be accountable for managing a wide variety of activities day-to-day, including:
Review scope definition and criteria of SBDE program processes as bank policies, security threat landscape, and GIS review triggers change to propose continuous improvement of execution and evolution of SBDE
Executive presence and relationship management to resolve escalation from concerned stakeholders
Raise concerns, with analysis of examples, and recommendations of solution options to SSD Senior Leadership via process change management routines, or ad-hoc in the event of a critical concern
Use application development / security background - solid knowledge of SDLC from sourcing/design, to testing, through deployment and the different risk elements associated with each step
Apply continuous learning from security issues, industry best practices, and technological design patterns to evolve and enhance the Central Intake Framework
Support documentation of requests from GCOR, Audit, et al regarding Central Intake activities and observations
Participate in SSD tool UAT (Jira Service Manager) monthly, and update/maintain Central Intake procedures, templates, and other job/training aids
Determine impact of SBDE program changes to Central Intake procedures (and vice versa); discuss concerns in a productive manner, seeking to reach agreement across SSD execution team leadership
Use SSD tools to design appropriate tracking, prioritization, and reporting for use by the Central Intake team to bring senior leadership operational insight
Onboard and train Central Intake team members with emphasis on prioritized execution of a complex, high-volume process
Interpret conceptual diagrams for technology changes with a focus on information security details: methods, protocols, controls, etc.
Review status of ongoing SBDE cases, understanding the purpose of each test, interpreting acceptable test results, and the working with SSD Architects, Case Managers, and Quality Assurance teams to ensure a good experience for our CIO customers
Primary Skill
Secondary Skill
Tertiary Skill
Required Skills
You will be successful in this role with these attributes:
10+ years as an Information Security / Technology professional within a highly-regulated industry
5+ years of risk identification experience
Strong sense of ownership and accountability for the success of SSD programs
Executive presence and experience discussing complex issues with technical and non-technical leaders
Strategic thinking – high-potential ideation beyond what has succeeded in the past
Leverages established laws, rules, regulations, and policy to rationalize decisions – comfortable providing feedback to internal policy owners when asked
Proficiency with Jira Service Manager, Application HQ, enterprise tollgate tools (ex. CECE, GCGF Intake, PTS/R), and various GIS reporting tools (ex. Tableau, Continuous Monitoring, RSAM, Trident)
Influencer – energized by sharing fresh methodology, and leading others to adoption of improvements
Critical thinking – one of the first who: grasps new concepts, understands the connections between SSD work and that of other teams, and sees potential pit-falls
This job will be open and accepting applications for a minimum of seven days from the date it was posted.
Shift:
1st shift (United States of America)Hours Per Week:
40Website: https://bankofamerica.com/
Headquarter Location: Charlotte, North Carolina, United States
Employee Count: 10001+
Year Founded: 2007
Last Funding Type: Seed
Industries: Asset Management ⋅ Banking ⋅ Finance ⋅ Financial Services ⋅ FinTech