Business Information Security Risk Officer

  • Competitive
  • Charlotte, NC, USA Charlotte NC US
  • Permanent, Full time
  • Bank of America Corporation
  • 17 Mar 18 2018-03-17

Business Information Security Risk Officer

Job Description:

Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our team.

The Business Information Security Officer (BISO) function within Global Information Security is responsible for information security control enforcement, cybersecurity awareness, and enablement across all lines of business, enterprise functions, technology, and operations teams. The BISO team also leads cybersecurity external engagement.

The Business Information Security Officer (BISO) Operations team members assist in the review, development, testing and implementation of security plans, products and control techniques, including enhancement of existing processes and service offerings.

In addition, the team may be asked to provide technical support to the client, management, and staff in risk assessments and implementation of appropriate data security procedures and products. Must be able to meet demands associated with managing multiple projects in a global environment. Assist with tracking overall BISO Operations success.

Required Skills:

• 4 to 8 years of experience in cyber security or a technology-related field
• Experience in vulnerability assessment, security incident response, application security
• Evaluating threats/risks posed by new technologies spanning networks, hardware, software, etc
• Experience in analyzing and responding to advanced cyber threats, technology risk and the motivation/attack vectors of each threat
• Experience in implementation of information security strategy, including compliance with industry best practices and regulatory requirements.
• Excellent verbal and written communication skills. Ability to communicate with business leaders, users and tech-savvy stakeholders. Create reports and analyze reports for a diverse group of stakeholders
• Experience with basic SharePoint usage
• Ability to take ownership of an initiative/issue thru completion
• Ability to work in a collaborative environment
• Optional Certifications: CISSP (ISC2), CISA (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2)

Desired Skills:

• Bachelor's degree in Information Technology, information security or related field
• Detailed, bank specific access administration knowledge in Windows, Midrange and Mainframe Platforms with emphasis on security and access controls
• Strong analytical skills/problem solving/conceptual thinking
• Ability to work with technical and non-technical business owners
• Assist with internal efficiencies projects and development

Enterprise Role Overview

As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.

1st shift (United States of America)

Hours Per Week: