Senior Manager, Third Party Information Security Officer

Company: Bank of America
Location: Chicago
Posted on: February 1, 2025

Job Description:

Senior Manager, Third Party Information Security OfficerApply locations: Chicago, Denver, WashingtonTime type: Full timePosted on: Posted 5 Days AgoJob requisition id: 25001532Job Description:At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities, and shareholders every day.Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.This job is responsible for managing a team that is delivering various components within the third party information security assessment process. This includes managing assessor productivity, quality, timeliness, and Line of Business related escalations. Key responsibilities include managing a portfolio of assessments to completion while ensuring consistency and quality across the assessments and developing and sponsoring tactics to achieve strategic objectives across the organization. This includes reducing external party security gaps in partnership with business leaders, key stakeholders, third parties, and/or external parties and overseeing compliance with security policies.Job Responsibilities:

• Manages a team of assessors responsible for measuring third parties' information security risk and provides support for escalations.
• Manages team performance through effective recruiting, coaching, training, and performance management activities.
• Ensures proper integration with internal processes, governance standards, and security policies.
• Develops information security strategies to respond to challenges and opportunities and ensures team goals are aligned to these strategies.
• Identifies process optimization opportunities that will address unmet needs and enable technology and workflow enhancements.
• Establishes and maintains effective working relationships with third parties, acting as a point of contact for information security matters, communicating security requirements, and addressing any concerns or issues that arise.Required Qualifications:
• 5 to 7 years' experience in information security.
• Technical skills include the domains of information security including:
• Information Security Controls (Infrastructure Security, Access Management, Application Security, etc.).
• IT Compliance, SOX Compliance.
• Change Management.
• Enterprise Risk Management.
• Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards.
• Strong people management skills.
• Ability to hold people accountable to process while identifying improvement opportunities, process risks, and solutions.
• The ability to draw upon past knowledge and experiences to find a solution and define a path of action.
• The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment.
• The ability to identify impacted parties, share information, address needs and expectations, and resolve issues when implementing change to support adoption and delivery of expected outcomes.
• Experience communicating to Sr. Management level.
• Ability to communicate clearly and effectively with both technology/development and business partners - ability to translate between these two constituencies.
• Ability to work independently on initiatives with little oversight.Desired Qualifications:
• Bachelor's degree in information technology or related field.
• Ability to work with Technical and Non-Technical business owners.
• Experience with assessments based on relevant threat intelligence (network penetration testing, Red Teaming, etc.).
• Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA.
• Knowledge of NIST guidelines.Shift: 1st shift (United States of America)Hours Per Week: 40Pay Transparency details:Pay range: $145,800.00 - $211,800.00 annualized salary, offers to be determined based on experience, education, and skill set. Discretionary incentive eligible. This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company. Benefits: This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources, and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.About UsBank of America is committed to helping employees through the transition period when they're displaced as a result of a workforce reduction, realignment, or similar measure.
  #J-18808-Ljbffr

Keywords: Bank of America, Schaumburg , Senior Manager, Third Party Information Security Officer, Executive , Chicago, Illinois