Bank Of America Sr Information Security Officer Central Intake Lead 

United States, Colorado, Denver 

97886446

In this role, you’ll be accountable for managing a wide variety of activities day-to-day, including:

• Review scope definition and criteria of SBDE program processes as bank policies, security threat landscape, and GIS review triggers change to propose continuous improvement of execution and evolution of SBDE

• Executive presence and relationship management to resolve escalation from concerned stakeholders

• Raise concerns, with analysis of examples, and recommendations of solution options to SSD Senior Leadership via process change management routines, or ad-hoc in the event of a critical concern

• Use application development / security background - solid knowledge of SDLC from sourcing/design, to testing, through deployment and the different risk elements associated with each step

• Apply continuous learning from security issues, industry best practices, and technological design patterns to evolve and enhance the Central Intake Framework

• Support documentation of requests from GCOR, Audit, et al regarding Central Intake activities and observations

• Participate in SSD tool UAT (Jira Service Manager) monthly, and update/maintain Central Intake procedures, templates, and other job/training aids

• Determine impact of SBDE program changes to Central Intake procedures (and vice versa); discuss concerns in a productive manner, seeking to reach agreement across SSD execution team leadership

• Use SSD tools to design appropriate tracking, prioritization, and reporting for use by the Central Intake team to bring senior leadership operational insight

• Onboard and train Central Intake team members with emphasis on prioritized execution of a complex, high-volume process

• Interpret conceptual diagrams for technology changes with a focus on information security details: methods, protocols, controls, etc.

• Review status of ongoing SBDE cases, understanding the purpose of each test, interpreting acceptable test results, and the working with SSD Architects, Case Managers, and Quality Assurance teams to ensure a good experience for our CIO customers

You will be successful in this role with these attributes:

• 10+ years as an Information Security / Technology professional within a highly-regulated industry

• 5+ years of risk identification experience

• Strong sense of ownership and accountability for the success of SSD programs

• Executive presence and experience discussing complex issues with technical and non-technical leaders

• Strategic thinking – high-potential ideation beyond what has succeeded in the past

• Leverages established laws, rules, regulations, and policy to rationalize decisions – comfortable providing feedback to internal policy owners when asked

• Proficiency with Jira Service Manager, Application HQ, enterprise tollgate tools (ex. CECE, GCGF Intake, PTS/R), and various GIS reporting tools (ex. Tableau, Continuous Monitoring, RSAM, Trident)

• Influencer – energized by sharing fresh methodology, and leading others to adoption of improvements

• Critical thinking – one of the first who: grasps new concepts, understands the connections between SSD work and that of other teams, and sees potential pit-falls

This job will be open and accepting applications for a minimum of seven days from the date it was posted.