Bank Of America Sr Business Information Security Officer – Employee Experience Technology 

United States, Colorado, Denver 

377228991

Job Description:

The Senior Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will be supporting the Real Time Communications and Productivity Team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls. Additionally, this role will support strategic and highly visible portfolio rollouts – M365, Mobile Modernization and Virtual Desktop.

Scale/Scope

• Possess strong / experienced cybersecurity engineering and/or application security background; with solid knowledge of SDLC from design, testing, deployment to post-production and the different risk elements associated with each step.
• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for the line of business (LOB)
• Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security
• Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Consults on Virtual Desktop strategy, design, implementation and migration
• Resilient infrastructure
• Stateful to stateless
• Consults on Mobile security strategy, design, implementation and migration for LOB projects
• For key initiatives – Assess security opportunities and challenges and partner to determine best future state
• Influence and drive collaboration across teams for key initiatives, bringing in key stakeholders
• Serve as subject matter expert in BISO process and participate in training for new employees
• Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related issues
• Serve as the backup for teammate responsible for supporting our End User Platforms – another high profile & visible portfolio
• For key initiatives – Assess security opportunities and challenges and partner to determine best future state
• Manages quality control and reporting
• Ensures compliance with policies and laws

• Information Security & Technology professional with 10+ years of experience in application development and/or Information Security
• 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
• Subject matter expertise in application security, cloud security, DevSecOps, application architecture, design patterns, vulnerability testing and development of risk appetite
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms, including (Cloud/SaaS/IaaS/PaaS)
• Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
• Exceptional executive presentation and communication skills
• Excellent influencing and problem resolution skills
• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Strong leadership skills and qualities which enable you to work with peers and various levels of management

• Experience working on cloud implementations in Microsoft Azure, Amazon Web Services and Google Cloud Platform environments
• Bachelors and/or Master’s degree in Computer Science, Information Technology or related field

1st shift (United States of America)