Bank Of America Information Security Officer 

Mexico, Mexico City 

130790893

Responsibilities:

• Possess strong / experienced application development and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post-production and the different risk elements associated with each step.

• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB).

• Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs.

• Supports internal, external, and regulatory audit-related deliverables and action plans.

• Close tracking on Enhanced Remediation Program (ERP) efforts.

• Support leading the regional awareness program according to local needs.

• Provides key local support on Identity and Access Management end-to-end process, including actively action whenever needed.

• Works on regulatory requirements, including the local KRIs reporting and needed dashboards.

• Manages quality control and reporting.

• Ensures compliance with applicable policies and laws.

• Drives GIS/LOB risk deliverables.

• Collaborates with risk partners on info security critical priorities.

• Participates in senior LOB specific Risk Management & Business Continuity Routines.

• Identifies and measures global information security (GIS) controls on most critical business processes or channels.

• Supports the triage process with the client and helps them understand the GIS support structure.

• Drives required risk culture and partnership with peer technology teams and supported LOB.

• Participates in key CIO operating routines to drive information security risk strategy.

• Interfaces with global programs like Third-Party Information Security Assessment (TPIS), ADSF, etc to support local / regional initiatives.

Skills:

• Information Security & Technology professional with 10+ years’ experience.

• 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations.

• Bachelors and/or Master’s degree in Computer Science, Information Technology or related field desired.

• Fluent in Spanish and English.

• Highly desirable: accredited Information Security certification(s) such as CISSP, CISM, CRISC, CISA.

• Deep knowledge on local information and cybersecurity regulatory requirements (e.g. CNBV, Banco de México) and experience on implementation.

• Subject matter expertise in application security, vulnerability testing and development of risk management.

• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms (e.g. Cloud, PaaS).

• Knowledge in Windows, Unix, Midrange and Mainframe Platforms with emphasis on security and access controls.

• Exceptional executive presentation and communication skills in Spanish and English.

• Ability on producing operational, tactical, and executive presentations and reporting, including KRIs.

• Excellent influencing and problem resolution skills.

• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.

• Strong leadership including soft skills which enable you to work and build relationships in a diverse and multi-cultural environment with global, regional, and local peers, supported LOBs and various levels of management.

• Capacity to work on operational, tactical, and executive topics simultaneously, for the country and as a supporter for the LATAM & Canada region.

• Organization, high accountability and discipline to work with little supervision.