Hispanic Technology Executive Council
Sr. Information Security Officer - Generative Artificial Intelligence
Hispanic Technology Executive Council, Chicago, Illinois, United States, 60290
Overview
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! The Sr. Information Security Officer - Gen AI is a member of the Business Information Security Office (BISO) within Global Information Security (GIS). The role partners with senior leaders to balance business needs while ensuring information security risks are identified and managed to mitigate risk and drive cyber security protection. The position supports a group/team to develop a deep understanding of the business to lead specialized information security risk-based discussions and provide guidance on information security topics, policies, and controls. Responsibilities
Leads cybersecurity risk assessments of Generative AI use cases, including assessment of inherent risk and control effectiveness Guides business leaders and technology organizations on initiatives requiring Global Information Security engagement and/or manages problem resolution on cyber security related issues Serves as a common risk control partner to identify emerging security risks in the portfolio Drives adherence to appropriate risk tolerance levels, operating in accordance with information security policies to protect data confidentiality, integrity, and availability Promotes awareness of current and emerging cybersecurity threats and advises on potential information security exposure Facilitates risk reviews across logical and physical boundaries to identify gaps and recommend secure designs Interprets information security requirements outlined in policy, standards and procedures and reinforces requirements through education and awareness Acts as a "security ambassador" to help business leaders drive strategic and innovative risk mitigation priorities within GIS Required Qualifications
8+ years of experience in cybersecurity, with at least 2 years focused on cyber assessment of Artificial Intelligence or Machine Learning systems Deep understanding of Generative AI/Large Language Models and assessment frameworks including MITRE ATLAS, OWASP Top 10 for LLM and GenAI, and NIST AI RMF In-depth knowledge of cybersecurity threats, controls and technologies, with experience bridging software developer perspectives to practical applications Ability to evaluate threats to information systems and recommend mitigations based on internal and external vulnerabilities Ability to design and manage controls contributing to remediation plans addressing policy, technology, environmental, and operational gaps Ability to bring multiple stakeholders together, including senior business and technology leaders, to reach consensus Ability to decompose complex issues, drive timely decisions, and know when to seek input or act independently Bias for action and a commitment to build partnerships in a dynamic risk- and threat-driven environment Strong interpersonal skills; ability to present and communicate technical concepts to non-technical audiences Ability to identify, measure, monitor, and control risk as part of daily activities, focusing on risk types such as Strategic, Operational, Reputational, etc. Ability to design, architect, analyze, support, and secure cloud-based workloads Excellent communication, influencing and facilitation skills Shift
Shift:
1st shift (United States of America) Hours Per Week
Hours Per Week:
40 Pay Transparency details
Location details:
US - CO - Denver - 1144 15th St - Denver Gis (CO9926); US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540); US - NJ - Jersey City - 101 Hudson St - 101 Hudson (NJ2101) Pay range:
$141,700.00 - $206,900.00 annualized salary, offers to be determined based on experience, education and skill set. Discretionary incentive eligible. This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on individual performance, business/group contributions, and overall company success. Benefits:
This role is currently benefits eligible. We provide industry-leading benefits, paid time off, and resources to support employees and the communities we serve.
#J-18808-Ljbffr
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! The Sr. Information Security Officer - Gen AI is a member of the Business Information Security Office (BISO) within Global Information Security (GIS). The role partners with senior leaders to balance business needs while ensuring information security risks are identified and managed to mitigate risk and drive cyber security protection. The position supports a group/team to develop a deep understanding of the business to lead specialized information security risk-based discussions and provide guidance on information security topics, policies, and controls. Responsibilities
Leads cybersecurity risk assessments of Generative AI use cases, including assessment of inherent risk and control effectiveness Guides business leaders and technology organizations on initiatives requiring Global Information Security engagement and/or manages problem resolution on cyber security related issues Serves as a common risk control partner to identify emerging security risks in the portfolio Drives adherence to appropriate risk tolerance levels, operating in accordance with information security policies to protect data confidentiality, integrity, and availability Promotes awareness of current and emerging cybersecurity threats and advises on potential information security exposure Facilitates risk reviews across logical and physical boundaries to identify gaps and recommend secure designs Interprets information security requirements outlined in policy, standards and procedures and reinforces requirements through education and awareness Acts as a "security ambassador" to help business leaders drive strategic and innovative risk mitigation priorities within GIS Required Qualifications
8+ years of experience in cybersecurity, with at least 2 years focused on cyber assessment of Artificial Intelligence or Machine Learning systems Deep understanding of Generative AI/Large Language Models and assessment frameworks including MITRE ATLAS, OWASP Top 10 for LLM and GenAI, and NIST AI RMF In-depth knowledge of cybersecurity threats, controls and technologies, with experience bridging software developer perspectives to practical applications Ability to evaluate threats to information systems and recommend mitigations based on internal and external vulnerabilities Ability to design and manage controls contributing to remediation plans addressing policy, technology, environmental, and operational gaps Ability to bring multiple stakeholders together, including senior business and technology leaders, to reach consensus Ability to decompose complex issues, drive timely decisions, and know when to seek input or act independently Bias for action and a commitment to build partnerships in a dynamic risk- and threat-driven environment Strong interpersonal skills; ability to present and communicate technical concepts to non-technical audiences Ability to identify, measure, monitor, and control risk as part of daily activities, focusing on risk types such as Strategic, Operational, Reputational, etc. Ability to design, architect, analyze, support, and secure cloud-based workloads Excellent communication, influencing and facilitation skills Shift
Shift:
1st shift (United States of America) Hours Per Week
Hours Per Week:
40 Pay Transparency details
Location details:
US - CO - Denver - 1144 15th St - Denver Gis (CO9926); US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540); US - NJ - Jersey City - 101 Hudson St - 101 Hudson (NJ2101) Pay range:
$141,700.00 - $206,900.00 annualized salary, offers to be determined based on experience, education and skill set. Discretionary incentive eligible. This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on individual performance, business/group contributions, and overall company success. Benefits:
This role is currently benefits eligible. We provide industry-leading benefits, paid time off, and resources to support employees and the communities we serve.
#J-18808-Ljbffr