Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Third Party Cyber Assessor

Bank of America ATM

Third Party Cyber Assessor

Denver, Colorado;Washington, District of Columbia; Chicago, Illinois

To proceed with your application, you must be at least 18 years of age.

Acknowledge (

Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.

Acknowledge (

Refer a friend

To proceed with your application, you must be at least 18 years of age.

Acknowledge (

Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.

Acknowledge (

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates’ physical, emotional, and financial wellness through affordable, competitive and flexible benefits.

We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve.

Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Position Summary:

This job is responsible for performing information security reviews of third parties that provide services to the bank. Key responsibilities include travelling to work onsite with third parties to collect and review documentation including playbooks and evidence during an assessment to determine if information security controls are in place and documenting the controls in place in assessment workpapers. Key responsibilities span pre-assessment, assessment, and/or remediation activities.

Responsibilities:

  • Partners with third parties to ensure they are prepared for information security assessments including answering detailed questions

  • Evaluates a third parties information security risk with a holistic lens to determine if they meet Bank of America requirements

  • Discusses any information security gaps in the service provider's program with the third party

  • Escalates issues or risks identified during the assessment

  • Manages relationships with third parties and Enterprise Vendor Managers

  • Must be able to travel up to 10-15% (ie: once every other month)

  • The ability to interact with internal or external stakeholders including business partners and/or external parties to identify, analyze, and resolve complex problems or security gaps.

  • The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment

  • The ability to assess the security, effectiveness, and practicality of technology systems

Required Qualifications:

  • 2+ years as a cyber Assessor.

  • Experience in Information Security and/or IT Audit

  • Technical writing and verbal communication skill

  • Ability to effectively work with partners at varying knowledge and organization levels.

  • Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.

  • Technical skills include the domains of information security and business continuity including:

  • Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.)

  • IT Compliance, SOX Compliance

  • Change Management

  • Enterprise Risk Management

  • Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards

Desired Qualifications:

  • Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA

  • Knowledge of NIST guidelines

Shift:

1st shift (United States of America)

Hours Per Week:

40

Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

View your "Know your Rights ( " poster.

View the LA County Fair Chance Ordinance ( .

Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work.

This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Vacancy posted 2 days ago
Similar jobs that could be interesting for youBased on the Third Party Cyber Assessor in Washington DC vacancy
  •  ...communities and shareholders every day. Position Summary This job is responsible for performing information security reviews of third parties that provide services to the bank. Key responsibilities include occasionally travelling to work onsite with third parties to... 
    Cyber
    Shift work
    Day shift

    Bank of America

    Washington DC
    3 days ago
  • $125.3k - $233k

    Opportunity Third-party relationships are central to how Booz Allen delivers technology, services, and mission outcomes at scale. As those...  ...Experience in a technology, product, software, SaaS, data, AI, or cyber company. Experience in government contracting, professional... 
    Cyber
    Full time
    Contract work
    Part time
    For subcontractor
    Local area

    Booz Allen Hamilton

    Mc Lean, VA
    1 day ago
  •  ...Cyber Security And Privacy Control Assessment Support This role offers excellent compensation, career growth potential, and a total rewards package that includes PTO, paid holidays and corporate events, continuing education reimbursements, 401K, an Employee Stock Purchase... 
    Cyber

    Tetra Tech

    Arlington, VA
    1 day ago
  • $100k - $130k

     ...Additionally, they will complement the existing Specialty Claims team that supports the Underwriting unit and will provide oversight of third parties and delegated authority referrals. Minimum Qualifications: ~ A Bachelor’s degree or the equivalent education and/or... 
    Suggested
    Temporary work

    LotSolutions, Inc.

    Washington DC
    23 days ago
  • $76.4k - $138.6k

     ...Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider...  ...responsibilities will include supporting the validation of third-party risk assessments, identifying misconfigurations and exposed... 
    Cyber
    Summer holiday
    Local area
    Flexible hours

    EY

    Washington DC
    8 days ago
  •  ...Security Control Assessor Security Control Assessor Location: Arlington, VA (On-Site) Citizenship: US only Clearance: Active TS/SCI (DHS EOD Suitability required) Company: Argo Cyber Systems, LLC - Service-Disabled Veteran-Owned Small Business (SDVOSB)... 
    Cyber
    Contract work
    For contractors

    Argo Cyber Systems

    Arlington, VA
    4 days ago
  • $90k - $103k

    SkyePoint Decisions, Inc. is looking for a Regional Cyber Security Assessor to support the Diplomatic Security Cyber Mission program in Arlington, VA. This position requires U.S. citizenship and the ability to travel up to 50%. The role includes conducting security assessments... 
    Cyber

    SkyePoint Decisions, Inc.

    Arlington, VA
    5 days ago
  • $112.5k

     ...Security Control Assessor Leidos is seeking mid- to senior-level Security Control Assessors to join our SCA team. This position requires...  ...Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing. Adhere to policies... 
    Cyber
    Daily paid
    Local area
    Remote work
    Work from home

    Leidos

    Alexandria, VA
    4 days ago
  • Vulnerability Assessor Location: Alexandria, VA (Hybrid - Telework with periodic on-site support as required) Clearance: Active Secret...  ...support the Department of War Education Activity (DoWEA) Enterprise Cyber Program. The Vulnerability Assessor will identify, analyze, and... 
    Cyber
    Remote work

    ASRC Federal

    Alexandria, VA
    3 days ago
  • $90k - $115k

     ...controls, the security categorization of information systems, applicable security control baseline based on system categorization. Review cyber/system/network security body of evidence and documentation for accuracy and completeness. Lead Post Assessment Meetings with the... 
    Cyber
    Temporary work
    Work at office
    Local area
    Work from home

    Vaultes, LLC

    Washington DC
    5 days ago
  • $325k - $350k

     ..., SecurityScorecard's patented rating technology is used by over 25,000 organizations for self-monitoring, third-party risk management, board reporting, and cyber insurance underwriting; making all organizations more resilient by allowing them to easily find and fix cybersecurity... 
    Cyber
    Remote work

    SecurityScorecard

    Washington DC
    1 day ago
  • $90k - $103k

    Regional Cyber Security Assessor SkyePoint Decisions is seeking a Regional Cyber Security Assessor to support the Diplomatic Security Cyber Mission (DSCM) program. This is a contingent position based upon customer approval. Location Arlington, VA - Onsite 5 days a week... 
    Cyber
    Remote work
    Overseas

    SkyePoint Decisions, Inc.

    Arlington, VA
    5 days ago
  • $70k - $80k

     ...division in the USA. Who we are S-RM is a global intelligence and cyber security consultancy. Since 2005, we’ve helped companies,...  ...documents are executed accurately and on time. Subcontractor & Third-Party Onboarding Lead the full subcontractor onboarding process, including... 
    Cyber
    Permanent employment
    Contract work
    For subcontractor
    Work at office
    Local area
    Immediate start
    Day shift
    Afternoon shift

    S-RM Intelligence and Risk Consulting

    Washington DC
    1 day ago
  • Certified CMMC Assessor (CCA)OCT Consulting is a business management and technology consulting...  ...the build-out of OCT’s CMMC Certified Third-Party Assessment Organization (C3PAO) practice...  ...and ISO/IEC 17020:2012. Adhere to the Cyber AB Code of Professional Conduct,... 
    Cyber

    Elea Ecuador

    Mc Lean, VA
    4 days ago
  • $89k - $120k

     ...Cloud Sales Advisor Acronis is a global leader in cyber protection, delivering AI-powered protection for productive MSPs in a single...  ...interviews without the use of AI tools, automated prompts, or third-party assistance. Interviews are designed to assess individual skills... 
    Cyber
    Contract work
    Worldwide
    Flexible hours

    Almaz Capital

    Washington DC
    3 days ago
  • $124.2k - $186.2k

     ...data protection, and ensures data sharing relationships with third parties in order to securely protect Rubrik information. About the...  ...leader in data and AI security. The SOC is the first to respond to cyber security incidents, report on cyber threats, and recommend... 
    Cyber
    Local area
    Remote work

    Rubrik

    Washington DC
    5 days ago
  • $100k - $130k

     ...just growth; it's a total reimagining of how the world manages cyber risk. We build the Cyber Risk Posture Management (CRPM) platform...  ...trusted architects of digital resilience. In an era where third-party risk is more complex than ever, we maintain a highly collaborative... 
    Cyber
    Remote work
    Work from home
    Relocation

    UpGuard

    Washington DC
    4 days ago
  • $130.9k - $189.75k

    Lead Cyber-Supply Chain Risk Management Specialist The Boeing Company is seeking a Senior Cyber‑Supply Chain Risk Management Specialist (C‑SCRM) to join the Third Party Risk and Resilience team in locations including Arlington, VA; Berkeley, MO; Mesa, AZ; North Charleston... 
    Cyber
    Permanent employment
    Contract work
    Visa sponsorship
    Work visa
    Flexible hours
    Shift work

    Boeing

    Arlington, VA
    1 day ago
  • $125k - $145k

     ...advanced consulting support for federal cybersecurity programs. The Cyber Solutions Architect provides enterprise-level technical...  ...chain policy. Support incident response coordination involving third-party vendors and supply chain compromises, ensuring alignment across... 
    Cyber
    Contract work

    Lafayette Group

    Arlington, VA
    4 days ago
  •  ...while impacting our national security in cyber as Repository Manager at GDIT. Here,...  ...binaries, hardened container images, and third-party software dependencies. Designs repository...  ...DevSecOps pipeline engineers, cybersecurity assessors, software developers, and configuration... 
    Cyber
    Work at office

    General Dynamics

    Falls Church, VA
    2 days ago
  • $99k - $225k

    Enterprise Cybersecurity AI Risk Analyst Opportunity Cyber threats are everywhere, and the rapid evolution of artificial intelligence is changing how organizations evaluate technology, data, third‑party services, and business risk. In all of this cyber and AI noise, how... 
    Cyber
    Contract work
    Work at office
    Local area
    Remote work

    Booz Allen Hamilton

    Mc Lean, VA
    2 days ago
  • $125k - $140k

     ...the U.S. Coast Guard Command, Control, Communications, Computers, Cyber and Information Operational Technology Integrated Systems (CG-C5...  ...Opportunity Employer. We invite resumes from all interested parties without regard to race, color, sex, sexual preference, religion,... 
    Cyber
    Contract work
    For contractors
    Local area

    Three Saints Bay

    Washington DC
    2 days ago
  •  ...concentration in Cybersecurity. Additional years of experience and Cyber certifications may be considered in lieu of a degree. 12-15...  ...using Splunk-developed add-ons for Windows, Linux, and common third-party devices and applications Experience onboarding data into Splunk... 
    Cyber
    Immediate start

    Koitecc Solutions

    Arlington, VA
    4 days ago
  •  .... Employees and Applicants can find A&M policy statements and additional information by region here. Unsolicited Resumes from Third-Party Recruiters Please note that as per A&M policy, we do not accept unsolicited resumes from third-party recruiters unless such recruiters... 
    Cyber

    Alvarez & Marsal

    Washington DC
    4 days ago
  • $75k - $100k

     ...Product, Supply Chain Planning & Distribution and Finance (GSCP&F), Cyber Security, Legal, Ecommerce, QA, associated vendor partnerships,...  ...perfect process or overbearing checklists. Coordinate with third party vendors and remote teams so your team can deliver against... 
    Cyber
    Full time
    Work at office
    Local area
    Remote work
    Relocation
    Flexible hours

    Under Armour

    Washington DC
    6 days ago
  •  ...civilian Government agencies and critical asset owners who experience cyber-attacks, providing immediate investigation and resolution....  ...script kiddies], second generation [non nation-state sponsored], and third generation [nation-state sponsored]) - Knowledge of system and... 
    Cyber
    Contract work
    Local area
    Immediate start
    Flexible hours
    Shift work

    BCMC, LLC

    Arlington, VA
    3 days ago
  • $113k - $188k

     ...Job Family Cyber Consulting Travel Required Up to 10% Clearance Required Active Secret What You Will Do Apply fundamental...  ...recruitment event. Never provide your banking information to a third party purporting to need that information to proceed in the hiring... 
    Cyber
    Full time
    Temporary work
    Flexible hours

    Guidehouse

    Washington DC
    4 days ago
  •  ...able to work independently and solve challenges on their own Excellent communication skills Risk management, audit, GRC (governance, risk, & compliance) Experienced performing risk assessments (cyber, third-party risk, internal audit) #J-18808-Ljbffr Insight Global
    Cyber

    Insight Global

    Arlington, VA
    5 days ago
  •  ...SCAs): Conduct annual SCAs for approximately 63 systems, testing a third of the security controls each year. Document and resolve issues...  ...and maintain a Cyberthreat Dashboard to report on real-time cyber activities, enhancing ESOC's visibility into emerging threats. Vulnerability... 
    Cyber
    For contractors
    Work at office
    Local area

    DirectViz Solutions

    Washington DC
    5 days ago
  •  ...Overview Role Summary: The Cyber Security Engineer is responsible for developing and implementing security measures to protect the company's systems and data. Responsibilities Develop and implement security measures. Conduct security assessments and audits... 
    Cyber

    Beyond SOF

    Washington DC
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Third Party Cyber Assessor. Be the first to apply!