Business Information Security Officer (BISO)

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business and their COOs and their supporting technology teams from the Chief Information Officers (CIOs)/Chief Technology Officers (CTOs).

In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls.

Scale/Scope:
Contribute to the ongoing information security initiatives and improvements development, implementation and maintenance of information security for the line of business (LOB)
Serves as an Information Security subject matter expert and liaison with GIS teams and participates in the development, implementation and maintenance of information security programs for both the line of business (LOB) and the enterprise
Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security
Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related issues
Manages information security control alignment reporting to LOB Leadership.

Risk Management:
Drives GIS/LOB risk deliverables
Collaborates with risk partners on info security critical priorities
Participates in senior LOB specific Risk Management & Business Continuity Routines
Identifies and measures global information security (GIS) controls on most critical business processes or channels

Leadership/Strategy:
Ability to build strong Partner relationships with peer technology groups and supported LOB
Supports the triage process with the client and helps them understand the GIS support structure
Drives required risk culture and partnership with peer technology teams and supported LOB
Participates in key CIO operating routines to drive information security risk strategy
Has a solid grasp of security in big data and other instructed large data structures

Required Skills:
2-5 years of experience in technology and 5 + years in information security
Must display subject matter experience in application security, vulnerability testing, system testing, and/or Agile lifecycle management
Strong LOB knowledge/experience for the type of business they are aligned to (e.g..CSBB/GBM)
1-2 years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments.
Experience giving presentations and superb communication skills

Shift:

Hours Per Week:

Pay Transparency details