Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

• This role is responsible for completing and tracking compliance deliverables to ensure applications adhere to applicable policies and standards as well as local laws, rules and regulations (LRR)
• Key responsibilities include completing administrative and non-technical tasks related to compliance deliverables and infrastructure requests for the applications they support. They support vendors, development teams and technology managers to ensure technical security, risk, and other compliance activities are completed on-time and per requirements. These individuals partner closely with control functions, risk management and Global Information Security (GIS) and are familiar with the applicable policies, standards, LRRs, contacts and procedures so that the compliance deliverables are completed effectively and efficiently
• Works with multiple teams and managers at the program level, under the supervision from a more senior domain expert
• Ensure that risk, security, and other compliance deliverables are completed on time and per requirements for the applications they support
• Complete administrative and non-technical tasks related to compliance deliverables (for example, access reviews, assessments, questionnaires, procedural requirements, and so on)
• Assist with audit exams and risk assessments for the applications
• Track and support the technical security and risk activities performed by the development teams (i.e., remediation of nonpermitted technology or security vulnerabilities, technical recovery planning, disaster recovery exercises, and so on)
• Maintain data about the application in AppHQ and other systems of record
• Governance & Stakeholder Management - Contributes to artifacts needed for governance forums. Understands stakeholder expectations and creates regular updates to keep stakeholders informed
• Risk Management - Identifies risk/dependencies and quantifies the impact it has on the business/technology

• 5+ years of IT experience in Business Analysis and Risk Compliance Tech Delivery
• Microsoft Office (Word, PowerPoint, Excel, Pivots, Macros)
• Demonstrated strong communication and organizational skills and attention to detail
• Ability to connect multiple data sources to create meaningful analysis and information for KPI reporting
• Strong follow up and ensuring projects are driven to completion across various time zones
• Weekly Report generation, JIRA-Kanban, ITIL process
• Analytical Thinking - Possesses knowledge of prior solutions to existing problems and applies them to solve
• Demonstrate ability to work independently with minimal supervision
• Demonstrate knowledge of agile working methodology
• Excellent oral and written communication skills at all levels of the firm (e.g., senior and executive leaders)
• Excellent time management and prioritization skills
• Ability to guide projects through all phases, ensuring required standards and processes are followed, required documents are completed, and required tracking systems are kept updated
• Experience creating and executing project plans across global platform
• Basic understanding of Information security, understanding of Unix, Windows OS

• CISA, CISSP / CISM background
• Reporting, presentation, MS Suite, Communication, Jira / Kanban, Technology and Risk understanding. Weekly Report generation, ITIL process
• Familiarity with business resiliency processes and concepts, risk management principles, technology change management, and/or audit response and preparation methods
• Familiar with remedy / nexus ticketing systems, Patch deployment / management process, CI/CD, DevOps
• Application Management
• Bachelor's degree
• Certifications ITILV2, CISA, CISSP, RHEL

• Collaboration
• DevOps Practices
• Risk Management
• Analytical Thinking
• Technical Strategy Development
• Agile Practices
• Result Orientation