Job Description:
The Secure by Design (SBD) Consultant team members assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings. The role ensures that Bank of America continuously develops cyber secure technologies that adhere to internal policies as well as industry best practices. In addition, the team may be asked to provide technical support to the client, management, and lines of business in risk assessments and implementation of appropriate data security procedures and products. Must be able to meet demands associated with managing multiple projects in a global environment. Assist with and contribute to overall SBD success.
The Team
The Information Security Officer will be a member of the Business Information Security Officer’s (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs).
Required Skills:
- number of years’ experience in cyber security or a technology-related field.
- Experience in vulnerability assessment, security incident response, application security.
- Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc.
- Ability to evaluate technology to ensure cyber-secure development that adheres to internal application policy, standards, and baselines.
- Experience in analyzing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat.
- Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements.
- Excellent verbal and written communication skills. Ability to communicate with business leaders, users and tech-savvy stakeholders.
- Experience with basic SharePoint usage.
- Ability to take ownership of an initiative/issue through completion.
- Ability to work in a collaborative environment.
- Strong project management skills.
- Ability to work with minimal supervision.
- Ability to own and deliver on complex initiatives in a high paced, evolving environment.
- Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2).
Desired Skills:
- Bachelor’s degree in Information Technology, information security or related field
- Master’s degree preferred
- Knowledge in Application security, Risk assessments, Cloud technologies, GRC (Governance, Risk, and Compliance) with emphasis on security processes and controls
- Strong analytical skills/problem solving/conceptual thinking
- Ability to work with technical and non-technical business owners
- Assist with internal efficiencies projects and development
Job Band:
Shift:
Hours Per Week:
Weekly Schedule:
Referral Bonus Amount:
