Cloud Security Assurance Process Manager
Bank of America
Remote
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
The role:
The Cloud Assurance Process Manager role supports the Cloud Security Assurance organization within Global Information Security (GIS) and plays a critical role in enabling a scalable, repeatable, and defensible cloud assurance operating model across all Cloud Service Providers (CSPs), including AWS, Azure, Google Cloud Platform (GCP), and SSPM platforms.
This role is responsible for the publication, governance, and continuous improvement of high quality cloud assurance process documentation that enables consistent execution across CSP teams. The Process Manager ensures that assurance processes, playbooks, and runbooks are clearly documented, audit defensible, accurately represented in the Single Process Inventory (SPI), and supported by well defined control, technology, and process health metrics.
In addition to process ownership, this role serves as a key operational partner across Cloud Assurance, Governance, Risk, and Audit functions. The individual coordinates assurance related engagements, supports audit and exam readiness, produces executive level reporting on process health, and integrates with upstream governance routines to anticipate new cloud business roadmaps and capabilities that will create future assurance demand. Success in this role depends on strong organizational discipline, clear written communication, and the ability to translate complex assurance activities into structured, defensible, and leadership ready artifacts.
Key Responsibilities:
Lead the design, documentation, publication, and continuous improvement of Cloud Security Assurance processes across all CSP teams, including AWS, Azure, GCP, and SSPM.
Own the development and maintenance of high quality, defensible assurance documentation, including playbooks, runbooks, procedures, and control narratives.
Ensure all cloud assurance processes are accurately represented, governed, and maintained within the Single Process Inventory (SPI), including ongoing validation and quality reviews.
Manage intake and coordination of internal and external engagements that impact Cloud Assurance, including audits, exams, assessments, and cloud risk reviews.
Coordinate Cloud Assurance team participation in engagements driven by new business initiatives, cloud capabilities, and evolving platform roadmaps.
Establish and maintain operational intake, planning, and reporting routines to track assurance demand, work progress, blockers, and emerging risks.
Support audit and exam evidence requests by ensuring documentation accuracy, completeness, and traceability.
Partner with Risk, Compliance, Audit, and Governance stakeholders to ensure assurance processes remain aligned to enterprise expectations and defensible at all times.
Support governance routines by facilitating process reviews, socialization forums, operational reviews, and quarterly risk activities.
Establish and maintain control, technology, and process health metrics for Cloud Assurance.
Produce executive level reporting that clearly communicates assurance process health, control effectiveness, risk posture, and areas requiring leadership attention.
Support future state process definition, impact assessments, and enablement activities related to cloud assurance evolution.
Contribute to workforce enablement activities such as onboarding support, role clarity, vendor coordination, and learning and development alignment.
Required Qualifications:
Highly organized, motivated self starter with the ability to manage multiple concurrent process and engagement efforts with minimal supervision.
5+ years experience designing, documenting, and governing repeatable, well controlled assurance or operational processes.
Demonstrated ability to produce high quality, defensible documentation suitable for leadership, audit, and regulatory review.
Proven ability to establish operating routines, metrics, and reporting frameworks.
Strong influencing and collaboration skills across technical and non-technical stakeholders.
Ability to anticipate process, control, and operational risks and proactively implement solutions.
Excellent written and verbal communication skills with the ability to distill complex information into executive ready insights.
Strong relationship building skills across cloud, security, governance, and risk teams.
Proficiency in Microsoft Office tools (Excel, PowerPoint, Word, SharePoint).
Desired Qualifications:
Prior experience in assurance, governance, risk, compliance, or process management roles.
Familiarity with cloud platforms (AWS, Azure, GCP) and cloud security or assurance concepts.
Experience supporting audit, exam, or regulatory engagements.
Understanding of enterprise process inventories, control frameworks, and operating models.
Program or project management experience.
Experience operating in large, complex, or highly regulated environments.
This job will be open and accepting applications for a minimum of seven days from the date it was posted.
Shift:
1st shift (United States of America)Hours Per Week:
40