Business Information Security Officer - Global Banking and Markets

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work and providing a culture of caring is core to how we drive Responsible Growth. We are intentional about fostering an inclusive workplace where every teammate has the opportunity to succeed, build a career and contribute to our shared success. This includes attracting and developing exceptional talent, recognizing and rewarding performance, and supporting our teammates’ physical, emotional, and financial wellness through affordable, competitive and flexible benefits.

We value the unique perspectives individuals bring from all backgrounds and career paths - whether shaped by military service, community college education, or a wide range of work and life experiences. These journeys foster resilience, leadership and innovation, strengthening our workforce and positively impact the communities we serve.

Bank of America is committed to an in-office culture that supports collaboration, engagement, and career development. Our approach includes clear in-office expectations, while providing an appropriate level of flexibility based on role-specific responsibilities and business needs.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Position Summary:

The Information Security Officer (ISO) will be a key functional member of the Business Information Security Officer (BISO) organization, working closely with Global Banking and Markets (GBAM) Chief Information Officer (CIO) and Chief Technology Officer (CTO) teams. The role requires developing a deep understanding of GBAM’s business and technology landscape to enable informed, risk-based information security discussions.

Through strong partnerships with technology and risk stakeholders, the ISO will help ensure focus on the most critical information security risk priorities. Acting as a day-to-day point of contact, the ISO will provide guidance on information security topics, policies, and controls, ultimately becoming a trusted governance and risk partner to the business.

Role Expectations:

• Provide advisory support and oversight for security-related changes within the GBAM environment, leveraging regional information security consultants and global operational response teams as required.

• Collaborate closely with Risk teams, supporting their activities and contributing to the ongoing development of processes and solutions.

• Partner with the global BISO organization to ensure Global Information Security (GIS) requirements and initiatives are communicated, reviewed, and tracked in a consistent, timely, and effective manner.

• Establish and maintain a strong network of stakeholders and strategic partners across technology and risk functions.

• Conduct routine liaison and coordination across risk partners and technology groups to remediate GIS issues flagged as red or amber on vulnerability remediation dashboards.

• Coordinate and drive remediation of ad hoc GIS issues, supporting partners to achieve resolution in line with GIS baselines and standards.

Responsibilities:

• Serve as a subject matter expert for the development, implementation, and ongoing maintenance of information security controls within the line of business (LOB).

• Provide guidance and advocacy on the prioritization of LOB investments, with a focus on information security impact and risk reduction.

• Advise LOB management on information security risks and recommend actions aligned with the bank’s broader risk management and compliance programs.

• Act as the primary point of contact for ad hoc information security enquiries from the LOB.

Required Qualifications:

• 3+ years experience in an information security technology, operations, engineering, or consulting role, with strong knowledge of security controls and processes across systems and networks.

• Excellent interpersonal skills, with the ability to communicate, influence, and negotiate effectively with senior stakeholders to secure alignment and necessary resources.

Desired Qualifications:

• Experience within a technology or financial services organization at a mid to senior level, with solid knowledge of application security controls and associated risks.

• Understanding of vulnerability management concepts, monitoring solutions, and remediation practices.

• Experience with formal security risk assessment methodologies.

• In-depth technical understanding of technology infrastructure operations and related subject matter areas.

• Previous experience working within a financial institution.

• Proven ability to proactively set work priorities and independently manage a portfolio of activities.

• Strong communication skills, including the ability to deliver difficult messages and drive issue resolution with stakeholders.

• Demonstrated ability to work collaboratively as part of an integrated EMEA GIS team.

• Excellent written and verbal communication skills, including the ability to produce and present clear management-level progress and status reports.

Shift:

1st shift (United States of America)

Hours Per Week: 

40