Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
You can build a successful career with opportunities to learn, grow, and make an impact. Join us!
This Sr. Cloud Security Controls Governance Specialist is responsible for assessing the bank's Third-Party SaaS cloud technologies, applications, and overall security controls to identify potential risks and vulnerabilities that may impact Bank of America's information security. Key responsibilities include conducting security assessments, identifying risks, ensuring compliance with security standards, and collaborating with internal and external stakeholders to mitigate risks. Job expectations include providing expert technical guidance to support partners and adapting testing methods to emerging cyber security regulations and evolving threats, while developing others on the team. Generally requires 7+ years of related experience.
Want more jobs like this?
Get jobs delivered to your inbox every week.
Key Responsibilities:
• Conduct cloud security review of third-party vendor SaaS solutions for compliance to bank cloud security policies and controls by utilizing external threat frameworks, internal threat intelligence, and systems documentation
• Leverages risk management practices, and internal escalation processes to document findings for remediation
• Develop and implement security controls for cloud infrastructure SaaS based on industry best practices, compliance requirements, and bank security policies.
• Develop and maintain documentation for cloud security controls, policies, and procedures that evaluates API security, data protection strategies, and identity management controls in the banks third-party SaaS solutions.
• Monitor and evaluate the effectiveness of existing cloud security controls and recommend enhancements.
• Participate in internal and external audits to demonstrate compliance with cloud security requirements.
• Act as a liaison between the security team and other departments to promote a security-first culture.
• Stay current with emerging cloud security trends, technologies, and best practices.
Requirements:
• Strong communication and interpersonal skills to work effectively with cross-functional teams.
• Ability to manage multiple projects and priorities in a fast-paced environment.
• Strong knowledge of the bank Third Party processes
• Strong analytical and problem-solving skills.
• Ability to communicate security risks effectively to technical and non-technical stakeholders.
• Excellent collaboration and negotiation skills with vendors and internal teams.
• Continuous learning mindset and adaptability to evolving security challenges.
• Strong understanding of cloud security principles and best practices of public cloud service providers.
• Extensive knowledge of security tools and technologies such as SIEM, IDS/IPS, DLP, firewalls, PKI, and identity management.
• Extensive knowledge of public cloud service providers and the threats to workloads within those environments
Shift:
1st shift (United States of America)
Hours Per Week:
40
Pay Transparency details
US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540)
Pay and benefits information
Pay range
$130,000.00 - $176,900.00 annualized salary, offers to be determined based on experience, education and skill set.
Discretionary incentive eligible
This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.
Benefits
This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.