Business Information Security Officer (BISO)

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business, their COOs, and supporting technology teams from the Chief Information Officers (CIOs) and Chief Technology Officers (CTOs).

In this role, you will support a team to develop a deep understanding of the business to have specialized, risk-based information security discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies, and controls.

1. Contribute to ongoing information security initiatives, including development, implementation, and maintenance for the line of business (LOB).
2. Serve as an information security subject matter expert and liaison with GIS teams; participate in the development, implementation, and maintenance of information security programs for both the LOB and the enterprise.
3. Provide guidance and advocacy on prioritizing LOB investments impacting information security.
4. Advise LOB management on risk issues related to information security and recommend actions supporting the bank's broader risk management and compliance programs.
5. Monitor internal and external information security trends and keep LOB leadership informed about relevant issues.
6. Manage information security control alignment reporting to LOB leadership.

1. Drive GIS/LOB risk deliverables.
2. Collaborate with risk partners on critical information security priorities.
3. Participate in senior LOB-specific risk management and business continuity routines.
4. Identify and measure global information security controls on critical business processes or channels.

1. Build strong partnerships with peer technology groups and supported LOB.
2. Support the triage process with clients and help them understand the GIS support structure.
3. Promote a risk-aware culture and partnership with peer technology teams and LOB.
4. Participate in key CIO routines to drive information security risk strategy.
5. Have a solid grasp of security in big data and large data structures.

• 2-5 years of experience in technology and over 5 years in information security.
• Subject matter expertise in application security, vulnerability testing, system testing, and/or Agile lifecycle management.
• Strong LOB knowledge/experience relevant to their aligned business (e.g., CSBB/GBM).
• 1-2 years of risk management experience or direct participation in related processes.
• Excellent presentation and communication skills.

1st shift (United States of America)

40

Locations: Washington, DC and Chicago, IL

Pay range: $98,200 - $146,600 annually, based on experience, education, and skills.

This role is eligible for discretionary incentives and benefits, including paid time off, resources, and support to contribute to business growth and community impact.