Expoint - all jobs in one place

The point where experts and best companies meet

Limitless High-tech career opportunities - Expoint

Bank Of America Information Security Controls Specialist Global 
Singapore 
41993401

05.07.2024


Your background

  • Strong operational mindset and detail-oriented
  • Excellent analytical & problem-solving skills with good conceptual thinking
  • Comfortable presenting to executives and senior management
  • Understanding of information security principles, processes, and controls
  • Knowledge of APAC laws, rules, and regulations impacting information security
  • Excellent command of the English Language, with strong verbal and written communication skills
  • Bachelor’s degree in Information Technology or related field
  • CISSP or CISA Certification preferred

What you can expect

This role will require competency in information security processes and controls and a strong operational mindset.

What you will do

  • Responsible to solicit, review and deliver responses on information security processes and controls for regulatory exams, external audits and meetings, surveys/questionnaires, attestations, internal audits, and/or compliance engagements, including obtaining senior management approvals for the release of all responses.
  • Consults on-demand with internal stakeholders on alerts and advisories published by regional regulators.
  • Responsible to collaborate with internal stakeholders in identifying, onboarding and submitting non-financial regulatory reports (NFRR) change requests related to information security in a timely and accurate manner.
  • Assists Regulatory & Exam Management team in providing regional governance and support for escalation of potentially regulatory-reportable cyber incidents.
  • A self-starter, team player with a strong people-influencing skillset
  • Drive Regulatory & Exam Management team’s initiatives including globally driven ones based on annual strategy.
  • Ensure team’s processes and playbooks are up-to-date, effective and efficient.
  • 6-9 years of cyber security/risk/regulatory experience
  • Certification desired but not required: CISSP, CRISC, CISM
  • Conduct cyber risk assessment in support of technology initiatives to help identify IT related risk and determine appropriate controls to mitigate risks.
  • Monitor, track, and manage risk mitigations and exceptions and ensure adequate monitoring capability is incorporated into solutions.