Bank Of America Sr Business Information Security Officer – Core Technology Infrastructure 

United States, Illinois, Chicago 

450730600

Job Description:

The Senior Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will be supporting Core Technology Infrastructure (Core TI) to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls. Additionally, this role will support Core TI strategy and highly visible initiatives.

• Serves as an Information Security subject matter expert and participates in the development, implementation and maintenance of information security for Core TI
• Provides guidance and advocacy regarding the prioritization of Core TI investments that impact information security
• Engage with Core TI leaders and their teams to raise awareness of policies, standards and process changes that can impact their initiative portfolio
• Gain a strong understanding of Core TI initiatives to share with the BISO SLT and their teams
• Advises Core TI management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Consult on Core TI strategy, design, implementation and migration for technology initiatives:
• Assess security opportunities and challenges and partner to determine best future state
• Influence and drive collaboration across teams
• Serve as subject matter expert in BISO process and participate in training and mentoring of new employees
• Monitors information security trends (internal and external to the bank) and keeps Core TI leadership informed about information security-related issues
• Serve as the backup for teammates responsible for supporting others
• Manages quality control and reporting
• Ensures compliance with policies and laws

• Information Security & Technology professional with 10+ years of experience in application development, infrastructure technologies, and/or Information Security
• 5+ years of risk management experience with proven ability to effectively apply risk principles to challenging business situations
• Subject matter expertise in application security, cloud security, DevSecOps, application architecture, design patterns, vulnerability testing and development of risk appetite
• Experience evaluating cyber security controls and providing guidance for platform or distributed computing platforms, including (Cloud/SaaS/IaaS/PaaS)
• Knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls.
• Exceptional executive presentation and communication skills
• Excellent influencing and problem resolution skills
• Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding
• Strong leadership skills and qualities which enable you to work with peers and various levels of management

• Experience working on cloud implementations in Microsoft Azure, Amazon Web Services and Google Cloud Platform environments
• Bachelors and/or Master’s degree in Computer Science, Information Technology or related field

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

1st shift (United States of America)