Business Information Security Officer (BISO) - Technology

Washington, District of Columbia; Chicago, Illinois

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business and their COOs and their supporting technology teams from the Chief Information Officers (CIOs)/Chief Technology Officers (CTOs).

In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized information security risk-based discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies and controls.

Scale/Scope:
• Contribute to the ongoing information security initiatives and improvements development, implementation and maintenance of information security for the line of business (LOB)
• Serves as an Information Security subject matter expert and liaison with GIS teams and participates in the development, implementation and maintenance of information security programs for both the line of business (LOB) and the enterprise
• Provides guidance and advocacy regarding the prioritization of LOB investments that impact information security
• Advises LOB management on risk issues related to information security and recommends actions in support of the bank's wider risk management and compliance programs
• Monitors information security trends internal and external to the bank and keeps LOB leadership informed about information security-related issues
• Manages information security control alignment reporting to LOB Leadership.

Risk Management:
• Drives GIS/LOB risk deliverables
• Collaborates with risk partners on info security critical priorities
• Participates in senior LOB specific Risk Management & Business Continuity Routines
• Identifies and measures global information security (GIS) controls on most critical business processes or channels

Required Skills:
• 2-5 years of experience in technology and 5 + years in information security
• Must display subject matter experience in application security, vulnerability testing, system testing, and/or Agile lifecycle management
• Strong LOB knowledge/experience for the type of business they are aligned to (e.g..CSBB/GBM)
• 1-2 years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments.
• Experience giving presentations and superb communication skills

Washington, DC pay and benefits information