

Job Description:
Responsibilities
As a Critical Infrastructure Assurance Review (CIAR) - Info Security Exposure Mgmt. Sr Specialist, the individual will be focused on the following areas:
• Performing Critical Infrastructure Assurance Review (CIAR) process design and maturation.
• Testing of Core Infrastructure identified AITs, leveraging industry standard guidance against evolving ransomware and malware tactics, techniques, and procedures.
• Partnering with infrastructure teams and SMEs to facilitate the collection of evidence.
• Exercising independent judgment in evaluation criteria to obtain results.
• Performing QA and determining levels of compliance.
• Submitting observations for remediation tracking.
• Tracking and reporting of assessment status to leadership team.
• Iterating on the assessment and continually improving its in-scope questions and controls.
Required Skills:
• Experience in Information Security and/or IT Audit
• Technical writing and verbal communication skills
• Ability to effectively work with partners at varying knowledge and organization levels.
• Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.
• Highly organized and motivated to deliver results with minimal direction.
• Creative and proactive problem solver – ability to understand what the team needs and offer suggestions above and beyond what they desire.
• Naturally curious individual with the ability to quickly become the authority in the various data and systems used by the team.
• Strong relationship, team building and facilitation skills.
• Good knowledge of current ransomware and malware threats and vulnerabilities, operating systems, database management and OSI Model.
• Proficient with Microsoft Office (Word, PowerPoint, Excel), Tableau, SharePoint.
Desired skills:
• Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA
• Experience in coordinating team projects
• Knowledge of NIST and NSA guidelines
• Education: B.E. / B.Tech / M.E. / M.Tech / B.Sc. / M.Sc. / BCA / MCA (prefer IT/CS specialization)
This job will be open and accepting applications for a minimum of seven days from the date it was posted.
1st shift (United States of America)


Job Description:
This job is responsible for performing information security reviews of third parties that provide services to the bank. Key responsibilities include working with third parties to collect and review documentation including playbooks and evidence during an assessment to determine if information security controls are in place and documenting the controls in place in assessment workpapers. Key responsibilities span pre-assessment, assessment, and/or remediation activities.
Responsibilities:
• Partners with third parties to ensure they are prepared for information security assessments including answering detailed questions
• Evaluates a third party's information security risk with a holistic lens to determine if they meet Bank of America requirements
• Discusses any information security gaps in the service provider's program with the third party
• Escalates issues or risks identified during the assessment
• Manages relationships with third parties and Enterprise Vendor Managers
• The ability to interact with internal or external stakeholders including business partners and/or external parties to identify, analyze, and resolve complex problems or security gaps.
• The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment
• The ability to assess the security, effectiveness, and practicality of technology systems
Required Skills:
• Experience in Information Security and/or IT Audit
• Technical writing and verbal communication skills
• Ability to effectively work with partners at varying knowledge and organization levels.
• Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.
• Technical skills include the domains of information security and business continuity including:
- Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.)
- IT Compliance, SOX Compliance
- Change Management
- Enterprise Risk Management
- Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards
Desired Skills:
• Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA
• Knowledge of NIST guidelines

Job Description:
This job is to develop, manage, and respond to all requests and initiatives that aid in the daily execution of the program assessments. These can include but are not limited to risk, regulatory or audit requests. Key responsibilities include managing the creation of rosters that adhere to the defined scopes and meet the needs of GIS leadership. The role should also ensure that the PAA program is aligned with enterprise standards and policies.
Responsibilities:
• Manage rosters from creation to execution and reporting
• Manage stakeholder relationships to ensure that proper mapping between processes occurs
• Respond to Audit, Regulatory and Risk related items for the team
• Help define strategic objectives for the assessments and continue to evolve and mature them
• Ensure questions are updated to meet enterprise standards as changes occur
• Develop documentation that covers responsibilities and addresses systems utilized to execute these responsibilities
Required Qualifications:
• 7 years technology and cybersecurity background
• Project management skills
• Proficiency in MS Office suite (e.g. Excel, Word, PPT)
• Strong verbal and written communication skills with peers, subordinates and executive leadership
• Attention to detail
• Problem Solving
Desired Qualifications:
• Knowledge of internal Bank standards
• Previous cybersecurity assessment experience
• CISSP Certificate

Job Description:
The Third Party Remediation Assessor is responsible for executing information security assessment remediation with the bank's third parties. In this role, you will manage the third party’s progress throughout the remediation lifecycle, as you work to address their information security gaps.
Additionally, you will be expected to maintain clear and consistent communication between the bank, the vendor, and the LOB vendor management community regarding the assessment’s status, updates, completion, and any escalations that may be required.
Previous information technology/security audit/assessment experience is strongly preferred. Attention to detail, analytical skills, ability to multi-task, and ability to work both independently as well as part of a due diligence team are also required. Must be able to plan, execute and document assessment remediation activities following established processes and procedures.
Five to seven years’ experience in information security required. CISSP, CRISC, or CISA recommended.
Required Qualifications:
Broad knowledge of information security principles and risk frameworks
Required to interact extensively with internal and external stakeholders/management to identify, analyze, escalate, and resolve security findings
Highly organized with ability to plan and direct business activities to achieve business outcomes
Must be comfortable delivering messages across a broad spectrum of partners with varying degrees of technical knowledge
Strong analytical skills, problem solving skills, conceptual thinking
Strong project management and independent portfolio management
Advanced proficiency with Microsoft Excel
Ability to work independently and track initiatives
Experience working with global and/or virtual teams
Desired Qualifications:
Understanding of network security threats, industry framework controls (CIS and NIST), and BAC Policies and Standards framework
Experience with information security, cloud, business continuity, data transmission, encryption, privacy domains
Experience supporting regulatory or sector policy initiatives
Experience with assessments based on relevant threat intelligence (Pen Testing, Red Teaming, etc.)
Ability to work with technical and non-technical business owners
This job will be open and accepting applications for a minimum of seven days from the date it was posted.