Identity & Access Management (IAM) Governance & Controls Analyst

Bank of America

Washington

USD 78,000 - 138,000

Charlotte, North Carolina; Washington, District of Columbia; Addison, Texas; Denver, Colorado; Jacksonville, Florida

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being a diverse and inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Summary:

Global Information Security (GIS) is responsible for protecting bank through Information Security strategy, policy/standards, manages the Information Security program, identifies and addresses vulnerabilities and operates global security operations center that monitor, detects and responds to cybersecurity incidents.Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context. IAM addresses the mission-critical need to ensure appropriate access to the resources across increasingly heterogeneous technology environments, and to meet increasingly rigorous identity requirements.

What you can expect in IAM:

In today’s highly connected world, managing and securing the identity of users is essential to the safety and success of our workforce. The IAM team works within Global Information Services (GIS) and in close participation with all lines of business (LOB), as well as second and third line of defense partners. This role is highly visible and requires frequent interaction with senior management and key stakeholders.

Are you passionate about the latest IT technologies and thrive in a fast-paced international environment? In a typical day, you may work with other team members on the book of work, operational concerns, or risk items.You will help overcome obstacles and maintain good relationships with key stakeholders across the Bank to ensure timely and effective delivery. We offer you the opportunity to collaborate with passionate competent people, experts in their field. We thrive on being challenged and everything we do is anchored in managing risk for the Bank.

The IAM Information Security Controls Specialist will analyze, strengthen, and secure the company's related systems and overall security posture for identity and resource lifecycle governance. This role focuses on collaboration across all Lines of Business, CIO teams, to continuously improve the organization's adherence to security best practices, laws/rules/regulations, and policies. The Control Specialist will analyze technology, controls and various other areas to identify inefficiencies and drive designing of improvement opportunities to enable adherence.

The role also will actively apply knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, and report on adherence to policy requirements. Job expectations include using data analytics and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.

Responsibilities:

Primary responsibility includes assisting IAM leads and partners along with other technology SMEs to ensure that strategic and effective solutions are adopted across the bank.

Support leads to ensure that all related IAM requirements are appropriately measured, reported, and governed.

Establish and maintain strong partnership with other GIS functions, Core Technology Infrastructure, Cyber Security Technology, Third Party management, Global Compliance and Operations Risk, internal audit, and regulatory agencies.

Clearly articulate rationale and methods behind proposed changes through informative materials for educating others.

Provide education and documentation to team members and technology partners regarding the proposed changes.

Engage senior management to provide factual, transparent, and timely reporting on existing and emerging identity and authentication risks.

Ensures Information Technology systems meet enterprise standards, adhere to applicable rules, laws, and regulations, and comply with appropriate treatment of risk.

Required Qualifications:

Knowledge and understanding of IAM specific laws, rules, regulations, and Guidelines such as SOX, OCC, NIST, ISO/EC, FFIEC within the financial services sector.

Knowledge of identity and authentication methodologies, techniques, and technologies.

Knowledge of IAM Governance Administration related tools which support, account vaulting, integration with service management tool.

5+ years relevant hands-on experience in identity and authentication fields in a large and complex organization.

Security knowledge which covers core technology infrastructure (Account management, servers, databases, etc.) identity management and application security practice.

Experience with Linux, Windows, Cloud Identity, Access Management, design and architecture of authentication services or Identity Store.

Proficient in articulating facts and data-driven plans and ability to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to relevant Identity and Authentication requirement within IAM standards.

Strong attention to detail and advanced analytical skills.

Excellent communication and presentation skills.

Excellent organizational skills and be able to effectively prioritize multiple tasks.

Hands on experience and involvement in large and complex projects.

Proficient in data management capabilities with understanding of the collection and management of metadata.

Experience with Tableau and SQL would be an advantage.

Previous experience with access related management tools like SailPoint, AZURE AD, ForgeRock Identity Platform, Oracle Access Management, and Cloud would be a plus.

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

$78,200.00 - $137,700.00annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Washington, DC pay and benefits information

Washington, DC pay range:

$78,200.00 - $137,700.00annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

By clicking Continue, you will be taken to a website that is not affiliated with Bank of America and may offer a different privacy policy and level of security. Bank of America is not responsible for and does not endorse, guarantee or monitor content, availability, viewpoints, products or services that are offered or expressed on other websites. Please refer to the website’s posted privacy terms and use.

You can click the Continue button to proceed or the Cancel button to return to the previous page.