Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world.
We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!
Job Description:
This job is responsible for leading and executing the second line of defense compliance and operational risk oversight for Global Cyber Defense, which includes network security, cyber security threat intelligence, cyber security threat simulation, cyber security event response and recovery, information defense, and cloud defense, inclusive of the full technology stack and operational processes used globally.
Key responsibilities include leading a compliance and operational risk team and ensuring requirements of the Global Compliance Enterprise Policy, the Operational Risk Management Enterprise Policy (collectively “the Policies”), the Compliance and Operational Risk Management Program and Standard Operating Procedures are implemented and the team is identifying, challenging, escalating, and mitigating risks in a timely manner.
The Executive Leader Must:
Demonstrate the stature required to review and challenge, oversee, and manage compliance and operational risk for the global cyber defense capabilities delivered in the first line, led by the first line executive(s) reporting to the Global Chief Information Security Officer (CISO)
Bring deep technology subject matter expertise in Cyber Defense and experience in managing these technologies and risks in highly complex environments
Demonstrate strong relationship skills and the ability to operate at a global executive level working closely with both 1st and 2nd line global information security leaders
Demonstrate disciplined execution, characterized by strong management and delivery skills with past success in leading large cybersecurity teams globally
Serve on the Senior Leadership Team for Information Security Compliance and Operational Risk globally, contributing to its strategy and the successful delivery of its services as part of an integrated cyber compliance and operational risk team
Responsibilities:
Oversees the assessment of risks, associated controls and their effectiveness, while driving compliance with applicable laws, rules, and regulations and adhering to policies
Oversees engagement in activities which provide independent compliance and operational risk oversight of Front-Line Unit or Control Function performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy
Operational Risk Management - Enterprise Policy (collectively the Policies) and the Compliance and Operational Risk Management Program and Standard Operating Procedures
Oversees identification and escalation of problems or issues that arise and drives actions to address the root causes that lead to compliance risk issues and/or operational risk losses
Oversees and manages inventory of risks and associated metrics for risk appetite and limits, reporting violations of compliance or regulatory activities
Manages the development of independent risk management reporting for respective area(s) of coverage for inputs into management routines which could include country/regional governance
Oversees monitoring of the regulatory environment to identify regulatory changes applicable to area(s) of coverage
Managerial Skills:
This position will also have responsibilities for managing associates. At Bank of America, all managers at this level demonstrate the following responsibilities, in addition to those specific to the role, listed above.
Breaks down barriers to create a more inclusive environment that supports company D&I goals
Challenges end-to-end process efficiency and effectiveness, champion data driven decision-making and removes obstacles to optimize operations
Contributes to enterprise strategy and influence messaging to connect team contributions to business purpose, results, and success
Inspects and challenges risk controls, governance and culture to ensure the timely identification, escalation, debate and remediation of risk across the organization
Coaches to sustain and elevates organizational performance while differentiating to ensure pay for performance
Efficiently allocates and manages resources across the organization to drive short and long term profitability
Inspects and manages the health of the bench to ensure succession for the organization, while supporting enterprise talent needs
Mobilizes organizational resources to deliver the full range of the bank’s capabilities to meet client needs and to gain competitive advantage
Skills:
Subject Matter Expertise
Regulatory Compliance
Interpret Relevant Laws, Rules, and Regulations
Decision Making
Risk Management
Issue Management
Policies, Procedures, and Guidelines Management
Executive Presence
Prioritization
Written Communications
Business Process Analysis
Resource Management
Business Acumen
Critical Thinking
Negotiation
Required Qualifications:
10+ years of technology experience in cybersecurity or other relevant discipline
In depth understanding of the software development lifecycle, change management process, and commonly used cyber defense tools
Experience with software development or design, including security, resiliency, and maintainability of applications
Knowledge of best practices related the cyber technology stack and industry standard frameworks
Understanding of functional and non-functional requirements, business objectives for software, and technology strategy and planning
Knowledge of architecture frameworks
Degree Required: Bachelor’s Degree
Desired Qualifications:
Prior hands-on experience developing, deploying, and operating software applications
Additional Technical/Functional Experience (e.g. Industry type): Financial Services or similarly regulated sector
Communicates and Influences with Impact
Communicates complex ideas in a way that is clear, direct, concise, simple and contextual; avoids jargon
Shapes the opinions and actions of others, gaining trust & commitment for desired outcomes
Adjusts style and personalizes message to best connect with others; inspires others to follow his/her lead
Constructively challenges; supports opinion and recommendations with facts and data
Shares opinion with confidence; is persistent and tenacious for what is right
Demonstrates productive edge, appropriately voicing and challenging opinions
Demonstrates productive partnering with various stakeholders across the enterprise at all levels
Role models effective communication and influence; develops others on this skill
Shift:
1st shift (United States of America)
Hours Per Week:
40
Pay Transparency details
US - NY - New York - ONE BRYANT PARK - BANK OF AMERICA TOWER (NY1100)Pay and benefits informationPay range$144,500.00 - $275,000.00 annualized salary, offers to be determined based on experience, education and skill set.Discretionary incentive eligibleThis role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.BenefitsThis role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.
