Sr. Remediation Info Security Officer (Charlotte, NC)

| Charlotte, NC
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Job Description:
Are you passionate about working with the best information security team in the world? Bank of America is hiring top talent to join our innovative and forward thinking team.
This position will be a member of the GIS Remediation team. In this role, you will help implement, manage, and monitor infrastructure remediation efforts to protect the confidentiality, integrity, and availability of the line of businesses' (LOB) information assets. You will partner with LOB points of contact, technology points of contact, and application teams to track and/or develop remediation plans for identified vulnerabilities.
You will present key findings, progress, and all hurdles and issues to GIS and LOB leadership on a regular basis and be responsible for influencing the stakeholders to prioritize/execute risk management issues and drive remediation efforts. The Information Security LOB Specialist will carry out these responsibilities in collaboration with IT, business technology groups, risk partners and GIS teams across their respective LOB.
Key responsibilities:• Analyze findings from security monitoring systems such as Qualys Scanning, Network Configuration Compliance, and Security Compliance.• Build an "Ops & Analysis" function centered on vulnerability remediation; to include building out a 24/5 follow-the-sun capability.• Identify the requirements necessary to build out a vulnerability "aggregate analysis" capability and execute based on those requirements. • Support incident requests regarding vulnerability remediation, patching/remediation status, metrics, etc.• Review all current and existing vulnerabilities for active and acceptable remediation plans. These plans may be reviewed with LOB point of contacts, Application Owners, Data Owners / Custodians or System Administrators. Verify that remediation plans are implemented per remediation plan and GIS guidelines. Review and identify any potential gaps that may result in possible audit issues.• Drive remediation of end-user device type vulnerabilities.• Assist in improving the governance of end-user remediation and act as the subject matter expert of end-user remediation governance.• Review all vulnerability scan results to identify security risks and report on findings to appropriate partners.• Respond to relevant requests received from stakeholders, or representatives of stakeholders, for investigation of potential reporting issues.• Provide all necessary reports and presentations on the status of remediation efforts and all gaps and potential obstacles or issues to management and technical staff.• Performs other related duties incidental to the work described herein and all special assignments as needed or assigned.
Required Skills:• 6+ years of experience in information security.• Good communication skills, and the ability to understand and translate cyber security threats from a technical perspective to business-line understanding and execution; ability to communicate risks and propose counter measures to senior technology executives.• Well-developed analytic and critical thinking skills, demonstrated creative problem solving abilities • Ability to work independently on initiatives with little oversight. Motivated and willing to learn• Broad technical background related to security technologies, such as Server and workstation Operating Systems, Network Security, Vulnerability Scanning Engines, Vulnerability Management lifecycle, and Compliance Management solutions• Ability to build, partner, communicate and track to completion long term project plans governing the removal, remediation, or mitigation of an array of software and hardware (to include NPT).• Ability to understand and communicate to executive leadership the risk associated with current state software and hardware environments.• Strong PC skills including Microsoft Office applications
Desired Skills:• Bachelors and/or Master's degree in Computer Science, Information Technology or related field• CISSP or equivalent certification• Strong analytic/problem solving/critical thinking skills• Ability to effectively communicate with Technical and Non-Technical business owners• Assist with internal efficiencies projects and development
This position will also be focused on the Remediation efforts regarding Non-Permitted Technology (NPT) identified and deployed in BAC. • Ability to build, partner, communicate and track to completion long term project plans governing the removal of an array of software and hardware.• Ability to understand and communicate to executive leadership the risk associated with current state software and hardware environments.• Ability to interpret multiple information security and currency assessment results
Enterprise Job Description: Partners closely with line of business leaders, to inform security risk-based decisions. Leverages deep understanding of the business and strong business acumen to provide information security expertise to key stakeholders. Utilizes experience and deep knowledge of IT platforms, tools and concepts to ensure cybersecurity requirements are integrated into all levels of decision making. Partners with business leaders, key stakeholders, vendors and/or external parties to inform security risk-based decisions. Ensures partners are executing Secure by Design efforts effectively and efficiently. Typically has 6-10 years of relevant experience. May mentor other members of the team.
1st shift (United States of America)
Hours Per Week:
Learn more about this role
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Technology we use

  • Engineering
  • Product
  • Sales & Marketing
    • .NETLanguages
    • C#Languages
    • C++Languages
    • GolangLanguages
    • JavaLanguages
    • JavascriptLanguages
    • KotlinLanguages
    • PerlLanguages
    • PythonLanguages
    • RLanguages
    • RubyLanguages
    • ScalaLanguages
    • SqlLanguages
    • SwiftLanguages
    • TypeScriptLanguages
    • D3JSLibraries
    • jQueryLibraries
    • jQuery UILibraries
    • ReactLibraries
    • ReduxLibraries
    • AngularJSFrameworks
    • ASP.NETFrameworks
    • DjangoFrameworks
    • Ember.jsFrameworks
    • HadoopFrameworks
    • Node.jsFrameworks
    • Ruby on RailsFrameworks
    • SparkFrameworks
    • SpringFrameworks
    • Google CloudFrameworks
    • AccessDatabases
    • DB2Databases
    • HBaseDatabases
    • HiveDatabases
    • InformixDatabases
    • Microsoft SQL ServerDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • Neo4jDatabases
    • OracleDatabases
    • TeradataDatabases
    • Google AnalyticsAnalytics
    • TableauAnalytics
    • InVisionDesign
    • SketchDesign
    • ConfluenceManagement
    • JIRAManagement
    • Microsoft ProjectManagement
    • WordpressCMS
    • LinkedIn SalesNavigatorCRM
    • SalesforceCRM
    • Salesforce CPQCRM
    • Salesforce PardotCRM

What are Bank of America Perks + Benefits

Volunteer in local community
Partners with Nonprofits
Friends outside of work
Eat lunch together
Intracompany committees
Daily sync
Open door policy
Team owned deliverables
Team based strategic planning
Group brainstorming sessions
Pair programming
Open office floor plan
Documented equal pay policy
Dedicated Diversity/Inclusion Staff
Highly diverse management team
Unconscious bias training
Diversity manifesto
Mean gender pay gap below 10%
Diversity Employee Resource Groups
Hiring Practices that Promote Diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability Insurance
Dental Benefits
Vision Benefits
Health Insurance Benefits
Life Insurance
Pet Insurance
Wellness Programs
Onsite Gym
Team workouts
Mental Health Benefits
Retirement & Stock Options Benefits
401(K) Matching
Company Equity
Performance Bonus
Match charitable contributions
Child Care & Parental Leave Benefits
Child Care Benefits
Generous Parental Leave
Remote Work Program
Family Medical Leave
Adoption Assistance
Restricted work hours
Return-to-work program post parental leave
Company sponsored family events
Vacation & Time Off Benefits
Generous PTO
Paid Volunteer Time
Paid Holidays
Paid Sick Days
Perks & Discounts
Casual Dress
Commuter Benefits
Company Outings
Recreational Clubs
Relocation Assistance
Fitness Subsidies
Home Office Stipend for Remote Employees
Professional Development Benefits
Job Training & Conferences
Tuition Reimbursement
Diversity Program
Lunch and learns
Cross functional training encouraged
Promote from within
Mentorship program
Continuing Education stipend
Time allotted for learning
Online course subscriptions available
Customized development tracks
Paid industry certifications

More Jobs at Bank of America

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Bank of America's full profileSee more Bank of America jobs