The Third Party Remediation Analyst will drive remediation of issues identified through information security and business continuity assessments of third parties providing services to Bank of America. To be successful in this role, you should be highly motivated and possess strong hands-on/technical knowledge of a wide range of information security functions. You should also understand business continuity controls and the processes used for evaluating their design and effectiveness.
You should possess strong written and verbal communication skills including ability to communicate clearly and concisely to all levels, up to and including executive level management. These skills will be helpful as you also explain the need for key controls to technical and non-technical resources.
Technical skills include the domains of information security and business continuity including:
* Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.).
* IT Compliance.
* SOX Compliance.
* Change Management.
* Enterprise Risk Management.
* Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards.
* Ability to identify, analyze, and address problems to resolve issues whenever possible in way that minimizes negative impact and risk to the organization.
* Broad knowledge of various information security principles.
* Ability to work independently on initiatives with little oversight. Motivated and willing to learn.
* Strong analytical skills/problem solving/conceptual thinking.
* Effective communication skills.
* Ability to be comfortable delivering messages across a wide spectrum of individuals having varying degrees of technical understanding.
* Strong leadership skills and qualities which enable you to work with peers and various levels of management.
* Bachelor's degree in Information Technology or related field.
* Information Security Certified (ex: CISSP, CISM, etc.).
* Ability to work with Technical and Non-Technical business owners.
* Assist with internal efficiencies projects and development.
Enterprise Role Overview: As an experienced professional, provide advice to client management with regard to moderately complex security issues. Assists in the review, development, testing and implementation of security plans, products and control techniques. Coordinates the reporting data security incidents. Provides technical support to the client and management and staff in risk assessments and implementation of appropriate data security procedures and products. Monitors existing and proposed security standard setting groups. State and Federal legislation and regulations. Identifies and escalates changes that will affect information security policy, standards and procedures. Executes security controls to prevent hackers from infiltrating company information or jeopardizing e-commerce programs. Researches attempted efforts to compromise security protocols. Administers security policies to control access to systems and maintains the company firewall. Works on complex problems where analysis of situations or data requires an in-depth evaluation of various factors. Exercises judgment within broadly defined practices and policies in selecting methods, techniques, and evaluation criterion for obtaining results. Work leadership may be provided by assigning work and resolving problems. Typically 5-7 years of IT experience.
Posting Date: 06/12/2019
Location: Denver, CO, REPUBLIC PLAZA, 370 17TH ST, Chicago, IL, 135 S LA SALLE ST (IL4135), - United States
Travel: Yes, 5% of the time
Full / Part-time: Full time
Hours Per Week: 40
Shift: 1st shift