המקום בו המומחים והחברות הטובות ביותר נפגשים
Your background
Previous information technology/security audit/assessment experience preferred.
Ability to leverage attention to detail and analytical skills.
Ability to multi-task and work both independently as well as part of an assessment team
Ability to plan, execute and document assessment and remediation activities following established processes and procedures.
Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
Minimally, CISSP and/or CISA certifications are required as well as five to eight years of experience in information security or business continuity.
Technical skills include the domains of information security and business continuity including:
Information Security Controls (Cloud Security, Infrastructure Security, Access Management, Physical Security, Application Security, etc.),
IT Compliance, SOX Compliance
Change Management
Enterprise Risk Management
Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards.
Excellent command of written and spoken Japanese at native level to be able to communicate with stakeholders in Japan.
Must be able to travel up to 25% of the time.
Experience in Cloud technologies, OSINT and threat modeling will be advantageous.
What you can expect
The Third Party Cyber Security Assessor will conduct information security and business continuity assessments of third parties providing services to Bank of America. The assessor will examine a third party's program to determine if they meet the Bank’s requirements, identifying control gaps that may expose the Bank to risks and subsequently work with the third party on all remediation activities.
There will be opportunities to be involved in projects to improve processes & transform the assessment program. This will enable you to leverage and grow your leadership skills as you'll be expose to various internal stakeholders and industry partners.
What you will do
Manage and execute assessments of third parties providing services to Bank of America.
Evaluate design and effectiveness of controls implemented by third parties providing services to Bank of America
Drive remediation of issues identified through the assessments and any subsequent risk conversations with the third parties and other internal stakeholders.
Interface with external third parties and internal line of business stakeholders to provide consultation on information security topics and build strong working relationships with these parties.
Partner with regional and global GIS teammates to collaborate on opportunities and to identify, analyze, and resolve complex problems or security gaps.
Contribute to the development and transformation of the Third Party Cyber Assurance program
Conduct cyber risk assessment in support of technology initiatives to help identify IT related risk and determine appropriate controls to mitigate risks.
Monitor, track, and manage risk mitigations and exceptions and ensure adequate monitoring capability is incorporated into solutions.
משרות נוספות שיכולות לעניין אותך