Third Party Cyber Assessor
Bank of America ATM
Third Party Cyber Assessor
Denver, Colorado;Washington, District of Columbia; Chicago, Illinois
To proceed with your application, you must be at least 18 years of age.
Acknowledge (
Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.
Acknowledge (
Refer a friend
To proceed with your application, you must be at least 18 years of age.
Acknowledge (
Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.
Acknowledge (
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates’ physical, emotional, and financial wellness through affordable, competitive and flexible benefits.
We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve.
Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Position Summary:
This job is responsible for performing information security reviews of third parties that provide services to the bank. Key responsibilities include travelling to work onsite with third parties to collect and review documentation including playbooks and evidence during an assessment to determine if information security controls are in place and documenting the controls in place in assessment workpapers. Key responsibilities span pre-assessment, assessment, and/or remediation activities.
Responsibilities:
Partners with third parties to ensure they are prepared for information security assessments including answering detailed questions
Evaluates a third parties information security risk with a holistic lens to determine if they meet Bank of America requirements
Discusses any information security gaps in the service provider's program with the third party
Escalates issues or risks identified during the assessment
Manages relationships with third parties and Enterprise Vendor Managers
Must be able to travel up to 10-15% (ie: once every other month)
The ability to interact with internal or external stakeholders including business partners and/or external parties to identify, analyze, and resolve complex problems or security gaps.
The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment
The ability to assess the security, effectiveness, and practicality of technology systems
Required Qualifications:
2+ years as a cyber Assessor.
Experience in Information Security and/or IT Audit
Technical writing and verbal communication skill
Ability to effectively work with partners at varying knowledge and organization levels.
Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.
Technical skills include the domains of information security and business continuity including:
Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.)
IT Compliance, SOX Compliance
Change Management
Enterprise Risk Management
Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards
Desired Qualifications:
Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA
Knowledge of NIST guidelines
Shift:
1st shift (United States of America)
Hours Per Week:
40
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.
View your "Know your Rights ( " poster.
View the LA County Fair Chance Ordinance ( .
Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work.
This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.
- ...communities and shareholders every day. Position Summary This job is responsible for performing information security reviews of third parties that provide services to the bank. Key responsibilities include occasionally travelling to work onsite with third parties to...CyberShift workDay shift
$125.3k - $233k
Opportunity Third-party relationships are central to how Booz Allen delivers technology, services, and mission outcomes at scale. As those... ...Experience in a technology, product, software, SaaS, data, AI, or cyber company. Experience in government contracting, professional...CyberFull timeContract workPart timeFor subcontractorLocal area- ...Cyber Security And Privacy Control Assessment Support This role offers excellent compensation, career growth potential, and a total rewards package that includes PTO, paid holidays and corporate events, continuing education reimbursements, 401K, an Employee Stock Purchase...Cyber
$100k - $130k
...Additionally, they will complement the existing Specialty Claims team that supports the Underwriting unit and will provide oversight of third parties and delegated authority referrals. Minimum Qualifications: ~ A Bachelor’s degree or the equivalent education and/or...SuggestedTemporary work$76.4k - $138.6k
...Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider... ...responsibilities will include supporting the validation of third-party risk assessments, identifying misconfigurations and exposed...CyberSummer holidayLocal areaFlexible hours- ...Security Control Assessor Security Control Assessor Location: Arlington, VA (On-Site) Citizenship: US only Clearance: Active TS/SCI (DHS EOD Suitability required) Company: Argo Cyber Systems, LLC - Service-Disabled Veteran-Owned Small Business (SDVOSB)...CyberContract workFor contractors
$90k - $103k
SkyePoint Decisions, Inc. is looking for a Regional Cyber Security Assessor to support the Diplomatic Security Cyber Mission program in Arlington, VA. This position requires U.S. citizenship and the ability to travel up to 50%. The role includes conducting security assessments...Cyber$112.5k
...Security Control Assessor Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This position requires... ...Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing. Adhere to policies...CyberDaily paidLocal areaRemote workWork from home- Vulnerability Assessor Location: Alexandria, VA (Hybrid - Telework with periodic on-site support as required) Clearance: Active Secret... ...support the Department of War Education Activity (DoWEA) Enterprise Cyber Program. The Vulnerability Assessor will identify, analyze, and...CyberRemote work
$90k - $115k
...controls, the security categorization of information systems, applicable security control baseline based on system categorization. Review cyber/system/network security body of evidence and documentation for accuracy and completeness. Lead Post Assessment Meetings with the...CyberTemporary workWork at officeLocal areaWork from home$325k - $350k
..., SecurityScorecard's patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity...CyberRemote work$90k - $103k
Regional Cyber Security Assessor SkyePoint Decisions is seeking a Regional Cyber Security Assessor to support the Diplomatic Security Cyber Mission (DSCM) program. This is a contingent position based upon customer approval. Location Arlington, VA - Onsite 5 days a week...CyberRemote workOverseas$70k - $80k
...division in the USA. Who we are S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped companies,... ...documents are executed accurately and on time. Subcontractor & Third-Party Onboarding Lead the full subcontractor onboarding process, including...CyberPermanent employmentContract workFor subcontractorWork at officeLocal areaImmediate startDay shiftAfternoon shift- Certified CMMC Assessor (CCA)OCT Consulting is a business management and technology consulting... ...the build-out of OCT’s CMMC Certified Third-Party Assessment Organization (C3PAO) practice... ...and ISO/IEC 17020:2012. Adhere to the Cyber AB Code of Professional Conduct,...Cyber
$89k - $120k
...Cloud Sales Advisor Acronis is a global leader in cyber protection, delivering AI-powered protection for productive MSPs in a single... ...interviews without the use of AI tools, automated prompts, or third-party assistance. Interviews are designed to assess individual skills...CyberContract workWorldwideFlexible hours$124.2k - $186.2k
...data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information. About the... ...leader in data and AI security. The SOC is the first to respond to cyber security incidents, report on cyber threats, and recommend...CyberLocal areaRemote work$100k - $130k
...just growth; it's a total reimagining of how the world manages cyber risk. We build the Cyber Risk Posture Management (CRPM) platform... ...trusted architects of digital resilience. In an era where third-party risk is more complex than ever, we maintain a highly collaborative...CyberRemote workWork from homeRelocation$130.9k - $189.75k
Lead Cyber-Supply Chain Risk Management Specialist The Boeing Company is seeking a Senior Cyber‑Supply Chain Risk Management Specialist (C‑SCRM) to join the Third Party Risk and Resilience team in locations including Arlington, VA; Berkeley, MO; Mesa, AZ; North Charleston...CyberPermanent employmentContract workVisa sponsorshipWork visaFlexible hoursShift work$125k - $145k
...advanced consulting support for federal cybersecurity programs. The Cyber Solutions Architect provides enterprise-level technical... ...chain policy. Support incident response coordination involving third-party vendors and supply chain compromises, ensuring alignment across...CyberContract work- ...while impacting our national security in cyber as Repository Manager at GDIT. Here,... ...binaries, hardened container images, and third-party software dependencies. Designs repository... ...DevSecOps pipeline engineers, cybersecurity assessors, software developers, and configuration...CyberWork at office
$99k - $225k
Enterprise Cybersecurity AI Risk Analyst Opportunity Cyber threats are everywhere, and the rapid evolution of artificial intelligence is changing how organizations evaluate technology, data, third‑party services, and business risk. In all of this cyber and AI noise, how...CyberContract workWork at officeLocal areaRemote work$125k - $140k
...the U.S. Coast Guard Command, Control, Communications, Computers, Cyber and Information Operational Technology Integrated Systems (CG-C5... ...Opportunity Employer. We invite resumes from all interested parties without regard to race, color, sex, sexual preference, religion,...CyberContract workFor contractorsLocal area- ...concentration in Cybersecurity. Additional years of experience and Cyber certifications may be considered in lieu of a degree. 12-15... ...using Splunk-developed add-ons for Windows, Linux, and common third-party devices and applications Experience onboarding data into Splunk...CyberImmediate start
- .... Employees and Applicants can find A&M policy statements and additional information by region here. Unsolicited Resumes from Third-Party Recruiters Please note that as per A&M policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters...Cyber
$75k - $100k
...Product, Supply Chain Planning & Distribution and Finance (GSCP&F), Cyber Security, Legal, Ecommerce, QA, associated vendor partnerships,... ...perfect process or overbearing checklists. Coordinate with third party vendors and remote teams so your team can deliver against...CyberFull timeWork at officeLocal areaRemote workRelocationFlexible hours- ...civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution.... ...script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored]) - Knowledge of system and...CyberContract workLocal areaImmediate startFlexible hoursShift work
$113k - $188k
...Job Family Cyber Consulting Travel Required Up to 10% Clearance Required Active Secret What You Will Do Apply fundamental... ...recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring...CyberFull timeTemporary workFlexible hours- ...able to work independently and solve challenges on their own Excellent communication skills Risk management, audit, GRC (governance, risk, & compliance) Experienced performing risk assessments (cyber, third-party risk, internal audit) #J-18808-Ljbffr Insight GlobalCyber
- ...SCAs): Conduct annual SCAs for approximately 63 systems, testing a third of the security controls each year. Document and resolve issues... ...and maintain a Cyberthreat Dashboard to report on real-time cyber activities, enhancing ESOC's visibility into emerging threats. Vulnerability...CyberFor contractorsWork at officeLocal area
- ...Overview Role Summary: The Cyber Security Engineer is responsible for developing and implementing security measures to protect the company's systems and data. Responsibilities Develop and implement security measures. Conduct security assessments and audits...Cyber
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Third Party Cyber Assessor. Be the first to apply!
- security control assessor Washington DC
- assessor Washington DC
- cyber Washington DC
- cyber threat hunter Washington DC
- cyber threat intelligence analyst Washington DC
- party planner Washington DC
- third party administrator Washington DC
- third party risk analyst Washington DC
- party chief Washington DC
- environmental site assessor



