דרושים Third Party Information Security Evaluation Specialist ב-Bank Of America ב-United States, Chicago

Job Description:

This job requires partnership with business function leaders, operations process owners and subject matter experts (SMEs), to provide an end to-end view of their processes, analyze impacts and data, and contribute to the optimization of the organization through data accuracy and completeness.

Key responsibilities include applying knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to validate indicative data alignment to processes and controls to requirements.
Job expectations include using data analytics, identifying gaps in coverage and data inaccuracies, and support remediation activities.

At least 3 years of related experience required.

Responsibilities:
• Manage the process inventory, reflecting accurate information that supports effective decision making, and ensuring compliance to enterprise policy and standard requirements
• Ensures process information meet enterprise standards, adhere to applicable rules, laws, and regulations, and comply with appropriate treatment of risk
• Identifies information security gaps and remediation strategies
• Process analysis to improve data accuracy and completeness
• Process improvements based on enterprise and Global Technology guidelines, organization maturity, challenges and issue remediation
• Provide end-to-end high-quality view of processes within business functions with proper identification of hand-offs and process connectors
• Support the organization’s short-and-long term strategy
• Supports a strategy of continuous improvement and acts as liaison with Global Technology and Enterprise Process Management teams
• Prepare presentations and process overview utilizing models and complementary data to assist leaders in process re-engineering activities
• Partner with stakeholders to ensure the inventory aligns to GIS policy and standard requirements in support of adherence monitoring

Required Qualifications:
• Prior related experience or business exposure desired and strong delivery mindset
• Analytical and design-oriented mindset
• Data analytics and Problem Solving
• Data driven and Trend Analysis
• Delivery Excellence
• Strong presentation skills
• Excels in working among diverse viewpoints to determine the best path forward
• Excellent verbal and communications skills
• Quality Assurance
• Innovative and Critical thinking skills – ability to assess quantitative and qualitative data to identify key themes that require deeper analysis and assessmentOther Qualifications/Desired Skills:
• Ability to identify opportunities from a process efficiency perspective and continuously challenge current state of GIS processes
• Prior experience in Information Security desirable
• Preferred process improvement and Operational Excellence exposure
• Ability to understand new technologies, intellectually curious
• Commitment to challenging the status quo and promoting positive change
• Experience working in a global environment

Skills:

• Customer and Client Focus

• Interpret Relevant Laws, Rules, and Regulations

• Policies, Procedures, and Guidelines

• Problem Solving

• Quality Assurance

• Business Acumen

• Controls Management

• Innovative Thinking

• Process Management

• Stakeholder Management

• Business Process Analysis

• Data Governance

• Data Privacy and Protection

• Data and Trend Analysis

• Risk Analytics

Responsibilities:

Developing a comprehensive and in-depth understanding of the Bank of America Private Bank portfolio construction process with respect to alternative investments, including hedge funds, private equity, and real assets.

• Creating and executing a business strategy that allows the candidate to work independently in the territory alongside local Private Bank market leadership. The business strategy will also include working closely with other members of the Alternative Investments Sales Team, home office leadership, and select third-party product partners to cultivate and grow future Alts business prospects.
• Providing proactive and solutions-oriented feedback based on interactions with internal operations, marketing, product origination, risk, legal and compliance partners to enhance the overall client and PM experience.
• Staying current on trends impacting both the broader financial markets and alternative investment strategies in order to educate our clients and Private Bank PMs on underlying manager performance attribution and the importance of diversification.

Qualifications:

• 8+ years of financial services product and/or sales experience
• Knowledge of alternative investment products
• Travel throughout coverage area (3-4 days a week)
• Strong oral and written communication skills
• Self-motivated individual with a passion for alternative investments
• Undergraduate degree in Finance, Marketing or Business Administration (CFA, CAIA or MBA a plus) is preferred
• Series 7 & 66 preferred at time of hire or must be able to obtain within 120 days of start date

Skills:

• Client Management
• Client Solutions Advisory
• Customer and Client Focus
• Pipeline Management
• Relationship Building
• Collaboration
• Presentation Skills
• Prospecting
• Referral Management
• Wealth Planning
• Referral Identification

Job Description:

Job Description:

Role Responsibilities:

• Develop and execute a comprehensive strategy for integrating AI into Cyber Threat Defense operations.
• Build and lead a team of AI engineers, data scientists, and security professionals focused on applying AI to threat detection, response automation, and adversarial simulation.
• Partner with GIS operational and technical teams to identify opportunities for AI-driven enhancements to security controls and architecture.
• Lead the design and deployment of AI-powered tools for threat hunting, anomaly detection, and automated incident response.
• Oversee the development and operationalization of custom ML/LLM models tailored to cybersecurity use cases.
• Guide architectural transformations to support scalable AI integration across the enterprise.
• Serve as a thought leader and subject matter expert on AI in cybersecurity, advising senior leadership and influencing enterprise-wide strategy.
• Ensure responsible and ethical use of AI in security operations, including model governance, bias mitigation, and explainability.
• Collaborate with offensive security teams to develop AI-enhanced red teaming and adversarial emulation capabilities.
• Drive innovation in proactive defense mechanisms using predictive analytics and autonomous threat response.

Required Qualifications

• Proven leadership in building and managing AI-focused cybersecurity teams.
• 7+ years of hands on experience in cybersecurity, specifically in Offensive Security or Threat Defense Operations.
• Hands-on experience building agentic AI systems, LLMs, and custom ML model development.
• Strong understanding of offensive security tactics and how AI can enhance red teaming, attack path mapping, and threat modeling.
• Experience leading large-scale technical projects involving security data pipelines, model deployment, and automation.
• Deep knowledge of cyber threat actor behaviors, attack vectors, and defensive countermeasures.
• Ability to translate complex technical concepts into actionable strategies for senior executives.
• Familiarity with AI governance, model risk management, and regulatory considerations in financial services.
• Demonstrated ability to drive consensus across diverse stakeholders and influence enterprise-wide initiatives.
• Strong communication and presentation skills, especially in executive and cross-functional settings.

Desired Qualifications

• Experience with enterprise cloud AI development platforms such as Azure AI Foundry, AWS Bedrock, or GCP Vertex
• Experience with AI-enhanced SOAR (Security Orchestration, Automation, and Response) platforms.
• Experience with modern data platforms, cloud-native architectures
• Familiarity with adversarial machine learning and AI security risks.
• Background in data engineering, feature engineering, and model lifecycle management.
• Prior work in regulated industries with a focus on compliance and risk mitigation.

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Job Description:

Job Description:

We are seeking a highly skilled and experienced Senior Security Automation Engineer to lead the design, implementation, and optimization of security automation workflows using the Tines platform. This role requires deep technical expertise in security orchestration, cloud architecture, and API integrations, as well as experience working closely with Security Operations Centers (SOC), Incident Response (IR) teams, and cross-functional stakeholders. The ideal candidate will bring a strong security engineering background, hands-on experience with modern automation platforms, and a strategic mindset to drive scalable and secure automation initiatives.

Key Responsibilities
• Architect, implement, and maintain advanced automation workflows using Tines.
• Collaborate with SOC and IR teams to identify high-impact use cases for automation.
• Integrate Tines with enterprise systems including EDR, SIEM, threat intelligence platforms, and cloud services.
• Lead secure integration of Tines with SSO, credential vaults, and external repositories.
• Design and configure secure connectivity solutions (e.g., Cloudflare tunnels, VPNs) for hybrid environments.
• Develop and maintain orchestration stories across platforms such as:
• CrowdStrike, Tanium, Splunk, Anvilogic, ThreatQ, AWS, and Azure.
• Write, test, and debug Python-based automation logic.
• Analyze Tines logs and metrics to optimize performance and reliability.
• Create and maintain technical documentation, runbooks, and architectural diagrams.
• Engage with stakeholders across security, infrastructure, and application teams to gather requirements and align automation efforts with business goals.
• Ensure all automation workflows adhere to enterprise security policies and change management processes.

Minimum Years of Experience 8

Required Qualifications
• 8+ years of experience in cybersecurity, with at least 3+ years in a security automation or engineering role.
• Proven experience working with SOC and/or Incident Response teams to operationalize automation.
• Hands-on experience with Tines or similar SOAR platforms (e.g., Splunk SOAR, Palo Alto XSOAR).
• Strong programming skills in Python; experience with Git and CI/CD pipelines.
• Deep understanding of REST APIs, webhooks, and secure API integrations.
• Experience with cloud platforms (AWS, Azure, or GCP), including automation and security architecture.
• Familiarity with AI/ML integrations (e.g., AWS Bedrock, OpenAI APIs) is a plus.
• Experience configuring secure tunnels (e.g., Cloudflare, SSH, VPN) for hybrid environments.
• Strong knowledge of security frameworks and best practices (e.g., NIST, MITRE ATT&CK).
• Excellent communication skills and ability to translate technical concepts for non-technical stakeholders.
• Experience with Agile/Scrum methodologies and tools like Jira and Confluence.

Desired Qualifications
• CISSP, GIAC, or equivalent security certification.
• Tines certifications (both entry-level and advanced preferred).
• AWS Certified Security – Specialty or equivalent cloud security certification.

Skills:

• Automation

• Influence

• Result Orientation

• Stakeholder Management

• Technical Strategy Development

• Application Development

• Architecture

• Business Acumen

• Risk Management

• Solution Design

• Agile Practices

• Analytical Thinking

• Collaboration

• Data Management

• Solution Delivery Process

Job Description:

Job Description:

Job Description:

Role Responsibilities:

• Partner with GIS operational and technical teams to identify opportunities for AI-driven enhancements to security controls and architecture.
• Drive the technical implementation of the design and deployment of AI-powered tools for threat hunting, anomaly detection, and automated incident response.
• Oversee the development and operationalization of custom ML/LLM models tailored to cybersecurity use cases.
• Guide architectural transformations to support scalable AI integration across the enterprise.
• Act as a technical expert on AI-driven cybersecurity initiatives, mentoring junior engineers and analysts.
• Prototype and evaluate emerging AI technologies for applicability in cyber threat detection and response.
• Serve as a thought leader and subject matter expert on AI in cybersecurity, advising senior leadership and influencing enterprise-wide strategy.
• Ensure responsible and ethical use of AI in security operations, including model governance, bias mitigation, and explainability.
• Collaborate with offensive security teams to develop AI-enhanced red teaming and adversarial emulation capabilities.
• Drive innovation in proactive defense mechanisms using predictive analytics and autonomous threat response.

Required Qualifications

• 7+ years of hands on experience in cybersecurity, preferably Offensive Security or Cyber Threat Operations
• Hands-on experience building agentic AI systems, LLMs, and custom ML model development.
• Experience with enterprise cloud AI development platforms such as Azure AI Foundry, AWS Bedrock, or GCP Vertex
• Strong understanding of offensive security tactics and how AI can enhance red teaming, attack path mapping, and threat modeling.
• Experience leading large-scale technical projects involving security data pipelines, model deployment, and automation.
• Deep knowledge of cyber threat actor behaviors, attack vectors, and defensive countermeasures.
• Ability to translate complex technical concepts into actionable strategies for senior executives.
• Familiarity with AI governance, model risk management, and regulatory considerations in financial services.
• Experience with modern data platforms, cloud-native architectures, and MLOps frameworks.
• Demonstrated ability to drive consensus across diverse stakeholders and influence enterprise-wide initiatives.
• Strong communication and presentation skills, especially in executive and cross-functional settings.

Desired Qualifications

• Experience with AI-enhanced SOAR (Security Orchestration, Automation, and Response) platforms.
• Familiarity with adversarial machine learning and AI security risks.
• Background in data engineering, feature engineering, and model lifecycle management.
• Experience with open-source AI frameworks (e.g., PyTorch, TensorFlow, LangChain).
• Prior work in regulated industries with a focus on compliance and risk mitigation.

Skills:

• Artificial Intelligence
• Critical Thinking
• Threat Analysis
• Cyber Security
• Data Privacy and Protection
• Data and Trend Analysis
• Stakeholder Management

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Job Description:

The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Front Line Units (FLU) / CIO executives. In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls.Scale/Scope
• Contribute to the ongoing information security initiatives and improvements development, implementation and maintenance of information security for FLU/Ops
• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for FLU/Ops
• Aligned to Fraud Authentication , Financial Center, and Automated Teller Machines channel segments to drive a security strategy and to ensure appropriate security by design requirements execution
• Provides guidance and advocacy regarding the prioritization of investments that impact information security
• Advises management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Monitors information security trends internal and external to the bank and keeps leadership informed
• Manages quality control and reporting
• Ensures compliance with policies and lawsRequired Skills
• Information Security & Technology professional with 10+ years’ experience
• 7+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
• Subject matter expertise in application security, vulnerability testing and development of risk appetite
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (Cloud, PaaS)
• Experience evaluating third party information security control and providing guidance to reduce risk on identify observations
• Experience with information security for No SQL, Big Data , and unstructured data stores (Cassandra, Hadoop, and /or Teradata)
• Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security application security controls
• Exceptional executive presentation and communication skills
• Excellent influencing and problem resolution skills
• Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Strong leadership skills and qualities which enable you to work with peers and various levels of managementDesired Skills:
• Bachelors and/or Master’s degree in Computer Science, Information Technology or related field
• Experience working on cloud control assessment in Microsoft Azure, Amazon Web Services and Google Cloud Platform environments

Risk Management
• Drives GIS/FLU/Ops risk deliverables
• Collaborates with risk partners on info security critical priorities
• Participates in senior FLU/Ops specific Risk Management & Business Continuity Routines
• Identifies and measures global information security (GIS) controls on most critical business processes or channelsLeadership/Strategy
• Ability to build strong Partner relationships with peer technology groups and supported FLU/Ops
• Supports the triage process with the client and helps them understand the GIS support structure
• Drives required risk culture and partnership with peer technology teams and supported FLU/Ops
• Participates in key operating routines to drive information security risk strategy