Resolution Analyst

Job Description

The Resolution Analyst plays a critical role in the Cyber Threat Defense Framework as an individual contributor responsible for identifying actions and owners for driving the resolution of cybersecurity risks impacting bank controls. This role will manage key relationships with action owners and work closely with the Cyber Threat Evaluation and Prevention organization to develop and implement strategies for mitigating cybersecurity risks.

The Resolution Analyst will prioritize work effectively, collaborate across functions, and drive the discovery of opportunities to improve risk outcomes through data‑driven solutions. Additionally, this role will support the Resolution Lead in enhancing cyber defense capabilities by addressing threats, incidents, and issues across the bank.

The Cyber Threat Evaluation and Prevention (CTEP) team evaluates threats and emerging risks, assesses cybersecurity controls, and defines actions for risk reduction. The four key steps in the cyber threat defense process are: threat intake, control evaluation, resolution, and quality assurance. The CTEP program integrates across Global Information Security, leveraging current risk assessments and control testing to identify gaps for action by Control Owners, Action Owners, and/or Policy/Standard owners.

The program aims to evaluate and enhance Bank of America’s risk and control environment for cybersecurity threats and emerging risks.

• Examine threat evaluation information and lead engagement with subject matter experts to identify actions to reduce risk through remediation efforts.
• Reduce risk by driving and influencing remediation work in alignment with the known threat environment, ensuring effective and sustainable outcomes.
• Work with relevant control owners and technology teams to understand and identify areas for improvement in the identification of and response to information security threats and incidents.
• Translate complex technical findings into clear risk, control, and business impacts to support decision making.
• Drive alignment across multiple stakeholders to ensure progress on risk reduction efforts in the absence of direct authority.
• Provide guidance to colleagues to strengthen risk reduction and overall team effectiveness.

• 3 years of professional experience with information security controls
• Strong data analysis skills with the ability to interpret and synthesize complex information
• Strong communication and relationship management skills across technical and non‑technical stakeholders
• Demonstrated ability to manage complex work and drive outcomes across multiple teams
• Ambitious, disciplined, hardworking, resilient, and committed to continuous learning
• Highly organized with strong project management and prioritization skills

• Bachelor’s degree in Information Technology, Business Administration, or related field
• Ability to work effectively with both technical and non‑technical business owners
• Experience operating in cross‑functional or enterprise environments
• Proficiency with Jira or similar workflow management tools

• Cyber Security
• Data Privacy and Protection
• Problem Solving
• Process Management
• Threat Analysis
• Business Acumen
• Data and Trend Analysis
• Interpret Relevant Laws, Rules, and Regulations
• Risk Analytics
• Stakeholder Management
• Access and Identity Management
• Data Governance
• Encryption
• Information Systems Management
• Technology System Assessment

Shift: 1st shift (United States of America)

Hours Per Week: 40

$95,700.00 - $ annualized salary, offers to be determined based on experience, education and skill set.

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.

Discretionary incentive eligible: employees are eligible for an annual discretionary award based on overall individual performance results and behaviors, the performance and contributions of their line of business and/or group, and the overall success of the Company.