Global Cyber Defense Compliance and Operational Risk Executive

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world.

We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:
This job is responsible for leading and executing the second line of defense compliance and operational risk oversight for Global Cyber Defense, which includes network security, cyber security threat intelligence, cyber security threat simulation, cyber security event response and recovery, information defense, and cloud defense, inclusive of the full technology stack and operational processes used globally.

Key responsibilities include leading a compliance and operational risk team and ensuring requirements of the Global Compliance Enterprise Policy, the Operational Risk Management Enterprise Policy (collectively “the Policies”), the Compliance and Operational Risk Management Program and Standard Operating Procedures are implemented and the team is identifying, challenging, escalating, and mitigating risks in a timely manner.

The Executive Leader Must:

• Demonstrate the stature required to review and challenge, oversee, and manage compliance and operational risk for the global cyber defense capabilities delivered in the first line, led by the first line executive(s) reporting to the Global Chief Information Security Officer (CISO)

• Bring deep technology subject matter expertise in Cyber Defense and experience in managing these technologies and risks in highly complex environments

• Demonstrate strong relationship skills and the ability to operate at a global executive level working closely with both 1st and 2nd line global information security leaders

• Demonstrate disciplined execution, characterized by strong management and delivery skills with past success in leading large cybersecurity teams globally

• Serve on the Senior Leadership Team for Information Security Compliance and Operational Risk globally, contributing to its strategy and the successful delivery of its services as part of an integrated cyber compliance and operational risk team

Responsibilities:

• Oversees the assessment of risks, associated controls and their effectiveness, while driving compliance with applicable laws, rules, and regulations and adhering to policies

• Oversees engagement in activities which provide independent compliance and operational risk oversight of Front-Line Unit or Control Function performance and any related third party/vendor relationships in alignment with the Global Compliance - Enterprise Policy

• Operational Risk Management - Enterprise Policy (collectively the Policies) and the Compliance and Operational Risk Management Program and Standard Operating Procedures

• Oversees identification and escalation of problems or issues that arise and drives actions to address the root causes that lead to compliance risk issues and/or operational risk losses

• Oversees and manages inventory of risks and associated metrics for risk appetite and limits, reporting violations of compliance or regulatory activities 

• Manages the development of independent risk management reporting for respective area(s) of coverage for inputs into management routines which could include country/regional governance

• Oversees monitoring of the regulatory environment to identify regulatory changes applicable to area(s) of coverage

Managerial Skills:

This position will also have responsibilities for managing associates. At Bank of America, all managers at this level demonstrate the following responsibilities, in addition to those specific to the role, listed above.

• Breaks down barriers to create a more inclusive environment that supports company D&I goals

• Challenges end-to-end process efficiency and effectiveness, champion data driven decision-making and removes obstacles to optimize operations

• Contributes to enterprise strategy and influence messaging to connect team contributions to business purpose, results, and success

• Inspects and challenges risk controls, governance and culture to ensure the timely identification, escalation, debate and remediation of risk across the organization

• Coaches to sustain and elevates organizational performance while differentiating to ensure pay for performance

• Efficiently allocates and manages resources across the organization to drive short and long term profitability

• Inspects and manages the health of the bench to ensure succession for the organization, while supporting enterprise talent needs 

• Mobilizes organizational resources to deliver the full range of the bank’s capabilities to meet client needs and to gain competitive advantage

Skills:

• Subject Matter Expertise

• Regulatory Compliance

• Interpret Relevant Laws, Rules, and Regulations

• Decision Making

• Risk Management 

• Issue Management

• Policies, Procedures, and Guidelines Management

• Executive Presence

• Prioritization

• Written Communications

• Business Process Analysis

• Resource Management

• Business Acumen

• Critical Thinking

• Negotiation

Required Qualifications:

• 10+ years of technology experience in cybersecurity or other relevant discipline

• In depth understanding of the software development lifecycle, change management process, and commonly used cyber defense tools

• Experience with software development or design, including security, resiliency, and maintainability of applications

• Knowledge of best practices related the cyber technology stack and industry standard frameworks

• Understanding of functional and non-functional requirements, business objectives for software, and technology strategy and planning

• Knowledge of architecture frameworks

• Degree Required: Bachelor’s Degree

Desired Qualifications:

• Prior hands-on experience developing, deploying, and operating software applications

• Additional Technical/Functional Experience (e.g. Industry type): Financial Services or similarly regulated sector

• Communicates and Influences with Impact

• Communicates complex ideas in a way that is clear, direct, concise, simple and contextual; avoids jargon

• Shapes the opinions and actions of others, gaining trust & commitment for desired outcomes

• Adjusts style and personalizes message to best connect with others; inspires others to follow his/her lead

• Constructively challenges; supports opinion and recommendations with facts and data

• Shares opinion with confidence; is persistent and tenacious for what is right

• Demonstrates productive edge, appropriately voicing and challenging opinions

• Demonstrates productive partnering with various stakeholders across the enterprise at all levels

• Role models effective communication and influence; develops others on this skill

Shift:

1st shift (United States of America)

Hours Per Week: 

40

Pay Transparency details

US - NY - New York - ONE BRYANT PARK - BANK OF AMERICA TOWER (NY1100)

Pay and benefits information

Pay range$144,500.00 - $275,000.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.