hero



The future you've been looking for

Information Security Senior Risk Manager

Bank of America

Bank of America

IT
chester, uk · United States · Remote
Posted on Oct 7, 2024

Job Description:

Job Title: Information Security Senior Risk Manager

Corporate Title: SVP

Location: Chester

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Location Overview:

Chester


Find us in the city of Chester, a destination renowned for its culture, history, and beauty. Working at Bank of America Chester offers a far-reaching global career for a world-renowned organisation, whilst being ideally situated against the backdrop of the rolling North Wales hills and the banks of the serene River Dee.

Job Overview:

The Information Security Senior Risk Manager is aligned to the EMEA Regional Information Security Office and will be based in Chester, reporting into the Regional Information Security COO.

This role will act as senior information security risk specialist and will work with the senior leadership team on defining, implementing, and delivering the overall risk agenda. This will ensure a focus on the risk priorities relating to information security.

To achieve this, they will leverage the regional risk team as well the wider regional and global information security functions and enterprise partners, as needed.

Key Responsibilities:

  • Provide advisory and oversight on information security risks and be a trusted advisor to senior management and country information security officers.
  • Keep abreast of the evolving cyber security and regulatory landscapes and develop appropriate risk management and governance solutions & insights.
  • Manage the risk identification and intake process for the region and ensure risks and issues are appropriately discussed, prioritized, and remediated.
  • Assess and discuss risk and issues in a regional context, with a lens on differences in markets and regulatory environments.
  • Drive or participate in periodic deep dives and tabletop exercises to ensure processes stay current.
  • Collaborate with regional and global Information Security functions to prevent, detect, mitigate, and respond/recover to information security issues.
  • Partner closely with wider technology groups to ensure information security risks are socialized and timely remedial action is taken.
  • Drive awareness activities in the region based on the risk and threat landscape.

What we are looking for:

  • Extensive technology risk management experience with proven ability to effectively apply risk principles to challenging business situations.
  • Subject matter expertise in information security; including application security, development of risk appetite metrics and experience in understanding and evaluating cyber security controls.
  • Track record of creating scalable processes with regards to governance, risk assessment, risk transparency and assurance.
  • Exceptional executive presentation and communication skills with excellent influencing and problem-solving abilities.
  • Extensive experience in data visualization and storyboarding for an executive audience.
  • Practical experience in NIST Cybersecurity Framework or related frameworks and their application
  • Practical and current risk management experience in both UK and EU regulatory environments (mandatory)
  • Ability to comfortably deliver messages across a wide spectrum of individuals having varying degrees of technical understanding.
  • Leadership skills and qualities which enable you to work with peers and various levels of management, including senior management.

Desired skills:

  • Bachelors and/or Master’s degree in Computer Science, Information Technology or related field
  • Relevant information security certifications such as CISSP, CISM, CISA or similar

Benefits of working at Bank of America:


UK

  • Private healthcare for you and your family plus an annual health screen to help you manage your physical wellness with the option to purchase a screen for your partner.

  • Competitive pension plan, life assurance and group income protection cover if you become unable to work as a result of a disability or health reasons.

  • 20 days of back-up childcare including access to school holiday clubs and 20 days of back-up adult care per annum.

  • The ability to change your core benefits as well as the option of selecting a variety of flexible benefits to suit your personal circumstances including access to a wellbeing account, travel insurance, critical illness etc.

  • Access to an emotional wellbeing helpline, mental health first aiders and virtual GP services.

  • Access to an Employee Assistance Program for confidential support and help for everyday matters.

  • Ability to donate to charities of your choice directly through payroll and the bank will match your contribution.

  • Opportunity to access our Arts & Culture corporate membership program and receive discounted entry to some of the UK’s most iconic cultural institutions and exhibitions.

  • Opportunity to give back to your community, develop new skills and work with new groups of people by volunteering in your local community.

Bank of America

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunity employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.