Sr. Business Information Security Officer – Spanish and Portuguese

Overview

Sr. Business Information Security Officer – Spanish and Portuguese

Locations:
Chicago, Illinois;
Washington, District of Columbia;
Denver, Colorado

This role reports to the Business Information Security Office (BISO) and aligns to the Global Payment Solutions organization, supporting Technology and Operations teams within the South and North American regions. The role collaborates with Front-Line Units (FLUs) and LATAM and Canada Country Executives to securely deliver against respective strategies within risk appetite. The role engages various levels across FLUs to have specialized information security risk-based discussions and provides guidance on information security topics, policies, and controls.

Shift: 1st shift (United States of America). Hours Per Week: 40.

Note:

This description reflects current Bank of America employment practices and may be subject to change. See the Know Your Rights and related notices for additional information.

To proceed with your application, you must be at least 18 years of age.

Bank of America is committed to equal employment opportunity and maintains a drug-free workplace policy.

Know Your Rights poster and related notices are provided for informational purposes only.

• Serve as a senior information security officer within BISO with a focus on risk-based discussions and prioritization of information security controls.
• Engage with Front-Line Units (FLUs) and regional executives to securely deliver against business strategies within risk appetite.
• Provide guidance on information security topics, policies, and controls across the organization.
• Collaborate with risk partners to identify and measure global information security controls on critical business processes or channels.
• Contribute to information security initiatives, development, implementation, and maintenance for FLU/Ops.
• Lead or participate in risk management and business continuity routines relevant to FLU/Ops.

• Information Security and/or Payments Technology professional with 10+ years of experience.
• 7 years of risk management experience applying risk principles to complex business situations.
• 3–5 years evaluating cyber security controls for various platforms, including knowledge of regulatory and industry frameworks (e.g., HIPAA, SWIFT CSP, PCI DSS).
• Subject matter expertise in network and application security, vulnerability testing, authentication, cryptography, key management, and risk appetite development.
• Experience with information security or architecture for messaging, API gateways, and core payment rails.
• Knowledge of Windows, Midrange, and Mainframe security and access controls.
• Strong executive communication and influencing skills.
• Ability to convey information securely to audiences with varying technical understanding.
• Leadership skills to collaborate with peers and management at various levels.

• Bachelors and/or Master’s degree in Computer Science, Information Technology, or related field.
• Contributes to ongoing information security initiatives and improvements for FLU/Ops.
• Acts as an information security subject matter expert for FLU/Ops and guides prioritization of investments affecting information security.
• Advises management on risk issues related to information security and aligns with wider risk management and compliance programs.
• Monitors information security trends and keeps leadership informed.
• Manages quality control and reporting; ensures compliance with policies and laws.
• Drives GIS/FLU/Ops risk deliverables and collaborates with risk partners on critical priorities.
• Participates in senior FLU/Ops risk management and business continuity routines.
• Builds strong partnerships with peer technology groups and provided FLU/Ops; supports risk culture and triage processes.

Regulatory, policy, and discretionary notes: This position may include notices related to equal employment opportunity and other legal compliance information as applicable.