Specialist Information Security Engineer
- Camberly, England, United Kingdom Camberly England GB
- Permanent, Full time
- Bank of America Merrill Lynch
- 23 Mar 18 2018-03-23
Specialist Information Security Engineer
Corporate Title: Up to Vice President (Up to VP)
Line of Business: Global Information Security (GIS)
A VP level opportunity is available for a Specialist Information Security Engineer to work in our Global Information Security area within our Chester office.
The Information Security Engineer will be a member of the EMEA GIS BISO Operations team and will work closely with other members of the team on incoming requests for assessment and approval of initiatives across all lines of business represented in region.
They will be responsible for delivering policy-based decisions relating to both planned and existing projects within the Bank. The Information Security Engineer will drive a responsible risk-based approach to all project decisions. The successful candidate will be able to work on their own initiative and be able to communicate effectively with others to gather information, influence others to carry out required tasks and to coordinate the process.
As a Specialist Information Security Engineer your main responsibilities will involve:
- Reporting to the BISO Operations Team Lead in EMEA
- Providing guidance and advocacy regarding the definition and remediation of risk
- Performs assessment and decision recommendations at a number of key points in the project lifecycle:
- Initial Risk Analysis
- Application Security Reviews
- Infrastructure Security Reviews
- Security Architecture
- Secure Design Reviews
- Control and Risk recommendations
The successful candidate will be required to:
- Understand and review key project artefacts in order to be able to provide advisory and oversight on Information security elements of proposed designs and implementation
- Work in collaboration with the Line of Business (LOB) Risk leads and application owners to help them develop appropriate processes and solutions
- Coordinate support of Subject Matter Experts and Control processes for the projects (such as source code review, Application Design Security Frameworks (ADSF) & other GIS groups as needed)
- Work with the global BISO Operations organisation to ensure that EMEA businesses are supported in an effective, consistent and timely way.
- Support the EMEA Business Engagement Information Security Officers when needed
As a Specialist Information Security Engineer your skills and qualifications will ideally include:
- Optional: CISSP, CISM, SANS GIAC GSEC or equivalent qualification
- Experience within a technology/financial organisation at a mid-level with good knowledge of Information Security controls and risks across all levels of the OSI (Open Systems Interconnection) model
- Experience analysing projects and project artefacts such as detailed network diagrams and data flows, from a risk-based perspective
- Technical level of understanding of current technology and operations, showing an understanding of relevant subject matters
- Experience within an information security technology operational, engineering or consulting team with good knowledge of the security controls employed by the firm.
- Understanding of the concepts of vulnerability management and associated monitoring solutions and practices
- Good interpersonal skills to be able to communicate, influence and negotiate with both senior stakeholders and project managers to obtain or leverage necessary resources
- Excellent oral and written briefing skills with the ability to communicate Information Security concepts to a variety of audiences
- Previous experience working within a Technology or Information Security Function
- Show ability to work as part of a team
- An opportunity to work with an industry leading information security team, driving an information security agenda within an organisation that places huge importance on this area
- Direct engagement with senior leaders and managers to identify, manage and remediate risks
- Opportunity to work with a collaborative team, delivering a proactive and focused agenda
About Bank of America Merrill Lynch
Bank of America is one of the world's leading financial institutions, serving individual consumers, small- and middle-market businesses, large corporations and governments with a full range of financial and risk management products and services. Bank of America Merrill Lynch is the marketing name for the global banking and markets businesses.
The company has had a presence in EMEA since 1922. With offices in 23 countries on three continents, it offers an integrated and comprehensive set of products and services across Global Corporate and Investment Banking, Global Markets and Consumer Card, serving the needs of individual, corporate, institutional and government clients, combining the best of local knowledge and global expertise. Developing solutions for social and environmental challenges is at the core of Bank of America Merrill Lynch's responsibility platform. In more than 90 countries around the world, we partner with employees, clients and stakeholders to help make financial lives better.
If you're interested in this opportunity please send your details to us by applying online.
Good conduct and sound judgment is crucial to our long term success. It's important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mindset are the cornerstones of our Code of Conduct and are at the heart of managing risk well.
We are an equal opportunities employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.
As part of our standard hiring process to manage risk, please note background screening checks will be conducted on all hires before commencing employment.