Identity & Access Management; IAM Information Security Controls Specialist; data mining​/data

Job Description

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

GIS is responsible for protecting the bank's information systems, confidential and proprietary data, and customer information. GIS develops and executes the bank's information security strategy, manages the enterprise security program, identifies and remediates vulnerabilities, and operates a global security operations center that monitors, detects, and responds to cybersecurity incidents.

IAM ensures the right individuals have the right access to the right resources at the right time‑across increasingly heterogeneous environments and within rigorous compliance standards.

In today's connected ecosystem, safeguarding user identity is critical to the safety and success of our global workforce. The IAM team partners closely within Global Information Security, all Lines of Business, and second- and third-line functions. This highly visible role involves frequent engagement with senior leaders and key stakeholders.

If you excel in dynamic, fast‑paced, global environments and are passionate about modern security technologies, this is the place for you. You will collaborate with subject‑matter experts, drive meaningful risk reduction, support operational excellence, and help strengthen the bank's overall identity security posture.

The IAM Info Security Controls Specialist analyzes, strengthens, and secures the company's IAM systems and risk posture across End User Access Management and Application Services. This role collaborates across Lines of Business and Technology teams to continuously enhance access control compliance, improve governance programs, and ensure swift and accurate adherence to IAM Standards.

• Establish and maintain strong partnerships across GIS, Global Technology (GT), Cyber Security Technology (CST), Third Party Management, Global Compliance & Operational Risk (GCOR), internal audit, and external regulators; provide accurate and timely audit and regulatory responses.
• Perform Quality Assurance (QA) activities to validate access control compliance, monitor control health, and support accurate and sustainable metrics reporting.
• Monitor and support GT application adherence to IAM controls; manage governance programs, respond to program inquiries, maintain source-of-record updates, execute ARM ticket management, and ensure comprehensive program documentation.
• Identify opportunities to de‑risk IAM controls by analyzing current capabilities, detecting framework or process gaps, and recommending targeted enhancements aligned with enterprise security strategy.
• Maintain high‑quality QA documentation, audit artifacts, process workflows, and training materials to support transparency and repeatability.
• Lead QA governance activities for End User Access Management and Application Services, ensuring alignment with IAM Standards and enterprise policies.
• Manage and maintain exceptions to the IAM Standard, ensuring appropriate risk justification, approvals, and periodic recertification per governance protocols.
• Ensure technology systems meet enterprise standards and fully comply with regulatory, legal, and risk…