Senior Manager, Third Party Info Security Officer

Bank of America

Bank of America

Denver, CO, USA · Chicago, IL, USA · United States · Remote
Posted on Wednesday, July 3, 2024

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Responsibilities:

  • Manages a team of assessors responsible for measuring a third parties information security risk and provides support for escalations

  • Manages team performance through effective recruiting, coaching, training, and performance management activities

  • Ensuring proper integration with internal processes, governance standards, and security policies

  • Develops information security strategies to respond to challenges and opportunities and ensures team goals are aligned to these strategies

  • Identifies process optimization opportunities that will address unmet needs and enable technology and workflow enhancements

  • Establishes and maintains effective working relationships with third parties, acting as a point of contact for information security matters, communicating security requirements, and addressing any concerns or issues that arise

Required Qualifications:

  • 5 to 7 years’ experience in information security

  • Technical skills include the domains of information security and business continuity including:

  • Information Security Controls (Infrastructure Security, Access Management, Application Security, etc.)

  • IT Compliance, SOX Compliance

  • Change Management

  • Enterprise Risk Management

  • Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards

  • Strong people management skills

  • Ability to hold people accountable to process, while identifying improvement opportunities, process risks, and solutions.

  • The ability to draw upon past knowledge and experiences to find a solution and define a path of action.

  • The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment.

  • The ability to identify impacted parties, share information, address needs and expectations, and resolve issues when implementing change, to support adoption and delivery of expected outcomes.

  • Experience communicating to Sr. Management level

  • Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.

  • Ability to work independently on initiatives with little oversight

Desired Qualifications:

  • Bachelor’s degree in information technology or related field

  • Ability to work with Technical and Non-Technical business owners

  • Experience with assessments based on relevant threat intelligence (network penetration testing, Red Teaming, etc.).

  • Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA

  • Knowledge of NIST guidelines

  • This job will be open and accepting applications for a minimum of seven days from the date it was posted.


1st shift (United States of America)

Hours Per Week: