Expoint - all jobs in one place

מציאת משרת הייטק בחברות הטובות ביותר מעולם לא הייתה קלה יותר

Limitless High-tech career opportunities - Expoint

Bank Of America Information Security Onsite Risk Assessor 
United States, Colorado, Denver 
186464592

29.08.2024

Job Responsibilities

  • Partners with third parties to ensure they are prepared for information security assessments including answering detailed questions

  • Evaluates a third parties information security risk with a holistic lens to determine if they meet Bank of America requirements

  • Discusses any information security gaps in the third party’s program with their SME(s)

  • Escalates issues or risks identified during the assessment

  • Manages relationships with third parties and Enterprise Vendor Managers

  • Must be able to travel up to 50% (i.e. every other week 3-4 days a week)

  • The ability to interact with internal or external stakeholders including business partners and/or external parties to identify, analyze, and resolve complex problems or security gaps.

  • The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment

  • The ability to assess the security, effectiveness, and practicality of technology systems

Required Qualifications:

  • Experience in Information Security and/or IT Audit

  • Technical skills include the domains of information security and business continuity including:

  • Information Security Controls (Infrastructure Security, Access Management, Application Security, etc.)

  • IT Compliance, SOX Compliance

  • Change Management

  • Enterprise Risk Management

  • Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards

  • Technical writing and verbal communication skill

  • Organizational and administrative skills.

  • Ability to coordinate multiple assessment activities in parallel.

  • Ability to work individually and as part of a team.

  • Naturally inquisitive and keen to learn.

  • Ability to effectively work with partners at varying knowledge and organization levels.

  • Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.

Desired Qualifications:

  • Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA

  • Knowledge of NIST guidelines

This job will be open and accepting applications for a minimum of seven days from the date it was posted

1st shift (United States of America)