Bank Of America Information Security Controls Specialist Global 

Singapore 

41993401

Your background

• Strong operational mindset and detail-oriented
• Excellent analytical & problem-solving skills with good conceptual thinking
• Comfortable presenting to executives and senior management
• Understanding of information security principles, processes, and controls
• Knowledge of APAC laws, rules, and regulations impacting information security
• Excellent command of the English Language, with strong verbal and written communication skills
• Bachelor’s degree in Information Technology or related field
• CISSP or CISA Certification preferred

What you can expect

This role will require competency in information security processes and controls and a strong operational mindset.

What you will do

• Responsible to solicit, review and deliver responses on information security processes and controls for regulatory exams, external audits and meetings, surveys/questionnaires, attestations, internal audits, and/or compliance engagements, including obtaining senior management approvals for the release of all responses.
• Consults on-demand with internal stakeholders on alerts and advisories published by regional regulators.
• Responsible to collaborate with internal stakeholders in identifying, onboarding and submitting non-financial regulatory reports (NFRR) change requests related to information security in a timely and accurate manner.
• Assists Regulatory & Exam Management team in providing regional governance and support for escalation of potentially regulatory-reportable cyber incidents.
• A self-starter, team player with a strong people-influencing skillset
• Drive Regulatory & Exam Management team’s initiatives including globally driven ones based on annual strategy.
• Ensure team’s processes and playbooks are up-to-date, effective and efficient.
• 6-9 years of cyber security/risk/regulatory experience
• Certification desired but not required: CISSP, CRISC, CISM
• Conduct cyber risk assessment in support of technology initiatives to help identify IT related risk and determine appropriate controls to mitigate risks.
• Monitor, track, and manage risk mitigations and exceptions and ensure adequate monitoring capability is incorporated into solutions.