CASY-MSCCN Jobs

Secure by Design Central Intake Security Officer

Denver, Colorado;Chicago, Illinois

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

The Security and Solutions Design Program Governance team is seeking an analytical thinker to execute on the Business Information Security Office Central Intake Framework within the Secure by Design Evaluation (SBDE) program. This important role stands at the front door of requests for approval from Global Information Security (GIS), and functions as a hub gathering information from enterprise tollgate requests to GIS, enterprise technology data sources, Central Threat Defense Framework routines, and governance evaluations required by GIS Senior Leadership Team. This key team member’s work will require subject matter expertise in the scope of bank enterprise tollgates, understanding of potential information security impact of technical changes (including interpretation of conceptual technology design diagrams), and comfort with communicating concisely with the intent to discover details and ensure that finalized requests provided to GIS contain accurate and consistent information from a variety of sources.

Required Skills

In this role, you’ll be accountable for managing a wide variety of activities day-to-day, including:

• Determining scope of GIS requirements for SBDEs via analysis of security-relevancy of proposed technical changes, and mapping potential security impact to the appropriate GIS assessment

• Mitigate stakeholder pushback which can lead to review delays by educating a variety of stakeholders to facilitate understanding of GIS requirement scope designed to reduce security risk of technology changes

• Apply knowledge of Global Policy standards and procedures, within GIS Policy and other policy areas, which are relevant to GIS review requests -provide feedback on the impact these policies may have on scoping SBDE

• Learning continuously from security issues, industry best practices, and technological design patterns to evolve and enhance the Central Intake Framework

• Keep up-to-date with technology partner processes/requirements, GIS assessments and processes related to SBDE

• Use SSD tools to track, prioritize, and report on concerns regarding the SBDE processes or any process or tool which may impact SBDE

Desired Skills

You will be successful in this role with these attributes:

• Strong problem solver with drive to take ownership of, and resolve, challenges

• Concise verbal and written communication skills, with executive presence

• Excel at operating with minimal management oversight

• Proficiency with Jira Service Manager, Application HQ, enterprise tollgate tools (ex. CECE, GCGF Intake, PTS/R), and various GIS reporting tools (ex. Tableau, Continuous Monitoring, RSAM, Trident)

• Early-adopter and change-agent who enjoys meeting rapidly changing business needs, managing competing priorities, and applying critical thinking in all situations

Enterprise Job Description: This job is responsible for supporting Line of Business leaders by balancing the needs of the business while ensuring information security risk is appropriately identified and managed to drive uncompromising cyber security protection. Key responsibilities include applying an understanding of the business and engaging with technology partners, business partners, and Global Information Security teams to provide blended security and business expertise to ensure appropriate management of information security risks.

Shift:

1st shift (United States of America)

Hours Per Week:

40

Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity and affirmative action, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

To view the "EEO is the Law" poster, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) .

To view the "EEO is the Law" Supplement, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf) .

Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

To view Bank of America’s Drug-free workplace and alcohol policy, CLICK HERE .