Bank Of America Application Security Product Manager 

United States, Colorado, Denver 

288507199

Key Responsibilities:

• Product Vision and Strategy: Define and communicate a clear product vision that aligns with our Cybersecurity, Line of Business and Customer Goals considering market trends and feedback.
• Prioritization & Backlog Refinement: Capture demand, prioritize mitigation of key risks and maintain a backlog to ensure the development team is working on the right things in the right order.
• Compliance & Governance: Demonstrate that our application development pipelines enable compliance with internal control requirements and regulatory obligations, with robust reporting and dashboards.
• Advocacy: Communicate the efficiencies of building code with security in mind for a Cybersecurity vision and roadmap to stakeholders, and the team, to drive user adoption.
• Collaboration: Work closely with DevOps, engineering, and IT teams to integrate security best practices into CI/CD pipelines, ensuring secure and efficient deployment processes.
• Documentation: Maintain comprehensive documentation of security controls, policies, and procedures for cloud environments.

Qualifications:

• Experience: Significant experience (5+ years) in Product Management in cybersecurity across multiple domains, with a strong focus on application security testing and integrating controls as code.
• Technical Expertise: Deep knowledge of application security testing, threat modeling, and modern application design patterns including Cloud-native and containers, and experience building and operating security tools and services.
• Security Frameworks: Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO) and their application in cloud environments.
• Agile Delivery: Experience working in modern development teams, leveraging agile concepts and frameworks used for planning, refinement, prioritization.
• DevSecOps: Strong understanding of DevSecOps principles and experience integrating security into CI/CD pipelines and operational processes.
• Problem-Solving: Excellent problem-solving skills, with the ability to think critically and adapt to new challenges and communicate insights in simple terms.
• Communication: Strong written and verbal communication skills, with the ability influence at all levels by explain complex security concepts to non-technical stakeholders.
• Experience working in a highly regulated industry

Desired:

• Certifications: Relevant certifications such as CISSP, CCSP, GSEC, GWEB, CEH, AWS Certified Security, Azure Developer Associate & Azure Security Engineer Associate
• 10+ years experience in Product Management/Program Management roles

Skills:

• Planful : Thoughtfully setting, proactively managing, and predictably achieving commitments through strategy, process, communication, and delivery.
• Ownership : Acceptance of full responsibility for delivery outcome – “buck stops here” mentality. And collaboratively addressing problems as they arise.
• Connected: Clear orientation and understanding of where you, your team, your work/priorities join with others in a common goal.
• Consistency: Drive toward and adoption of logical, efficient, and sustainable processes and tools to achieve predictable results.
• Accuracy: Achieving business value (as agreed with key stakeholders and control partners) within defined tolerance across measurable parameters (scope, schedule, cost).

1st shift (United States of America)