Bank of America
Identity & Access Management (IAM) Information Security Controls Specialist (Dat
Bank of America, Washington, District of Columbia, us, 20022
Overview
Identity & Access Management (IAM) Information Security Controls Specialist (Data Driven & Governance exp required) Locations: Charlotte, North Carolina; Washington, District of Columbia; Addison, Texas; Denver, Colorado; Jacksonville, Florida; Jersey City, New Jersey To proceed with your application, you must be at least 18 years of age. Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Summary: Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context.
What you can expect in Identity & Access Management
The Identity & Access Management (IAM) team works within Global Information Services (GIS) and in close participation with all other LOB teams as well as second and third line of defense partners. This role is highly visible and requires frequent interaction with senior management and key stakeholders. You will work with team members on the book of work, operational concerns, or risk items, help overcome obstacles, and maintain relationships with key stakeholders across the bank to ensure timely and effective delivery.
We offer the opportunity to collaborate with passionate, competent people, experts in their field. We thrive on being challenged and everything we do is anchored in managing risk for the bank.
Role Description
The IAM Info Security Controls Specialist will analyze, strengthen, and secure the company's IAM systems and overall risk posture for End User Access Management & Application Services. This role focuses on collaboration across all Lines of Business, CIO teams, to continuously improve the organizations core access control compliance. The Controls Specialist will analyze controls to identify and document inefficiencies, and design/prioritize improvement opportunities to enable swift adherence. The role also will apply knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, report on adherence to policy requirements and maintain governance programs related to IAM Standard controls. Job expectations include using data analytics, governance process management, and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.
Responsibilities
Establish and maintain strong partnership with other Global Information Security (GIS) functions, Global Technology (GT), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal audit, and external regulatory agencies. Provide audit and regulatory responses within the specified periods. Perform Quality Assurance activities to support access control compliance and control metrics. Support and monitor GT application compliance to controls. Oversee and drive governance program, support program inquiries, updating source of record, manage ARM ticketing queue, and maintain program documentation. Maintain QA documentation, audit documentation, and training materials. Drive Quality Assurance Governance for End User Access Management & Application Services. Maintain exceptions to IAM Standard according to governance processes. Ensure IT systems meet enterprise standards, adhere to applicable rules, laws, and regulations, and comply with appropriate risk appetite. Assist with Software Development Life Cycle (SDLC) and testing of application changes with signoff prior to implementation.
Required Qualifications
5+ years relevant hands-on experience in identity and access certification related fields in a large and complex organization. 3-5 years’ experience implementing IAM Cloud solutions, controls, and capabilities. Proficient in articulating facts and data-driven plans and ability to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to relevant Access Management requirements within IAM Standard. Operational experience (i.e. governance, documentation/playbooks/inquiry response knowledge). Strong attention to detail, advanced analytical skills, and quality assurance experience. Excellent communication and presentation skills. Excellent organizational skills and ability to effectively prioritize multiple tasks. Proficient in data management with advanced understanding of metadata collection and management. Experience with Tableau and SQL.
Shift:
1st shift (United States of America) Hours Per Week:
40
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. To view the Know Your Rights poster, visit the EEOC page: https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12.pdf View the LA County Fair Chance Ordinance: https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notic Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy establishes requirements to prevent presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern.
#J-18808-Ljbffr
Identity & Access Management (IAM) Information Security Controls Specialist (Data Driven & Governance exp required) Locations: Charlotte, North Carolina; Washington, District of Columbia; Addison, Texas; Denver, Colorado; Jacksonville, Florida; Jersey City, New Jersey To proceed with your application, you must be at least 18 years of age. Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Summary: Global Information Security (GIS) is responsible for protecting bank information systems, confidential and proprietary data, and customer information. GIS develops the bank’s Information Security strategy and policy, manages the Information Security program, identifies and addresses vulnerabilities and operates a global security operations center that monitors, detects and responds to cybersecurity incidents. Within GIS, Identity and Access Management (IAM) is a security discipline that enables the right individuals to access the right resources at the right times and in the right context.
What you can expect in Identity & Access Management
The Identity & Access Management (IAM) team works within Global Information Services (GIS) and in close participation with all other LOB teams as well as second and third line of defense partners. This role is highly visible and requires frequent interaction with senior management and key stakeholders. You will work with team members on the book of work, operational concerns, or risk items, help overcome obstacles, and maintain relationships with key stakeholders across the bank to ensure timely and effective delivery.
We offer the opportunity to collaborate with passionate, competent people, experts in their field. We thrive on being challenged and everything we do is anchored in managing risk for the bank.
Role Description
The IAM Info Security Controls Specialist will analyze, strengthen, and secure the company's IAM systems and overall risk posture for End User Access Management & Application Services. This role focuses on collaboration across all Lines of Business, CIO teams, to continuously improve the organizations core access control compliance. The Controls Specialist will analyze controls to identify and document inefficiencies, and design/prioritize improvement opportunities to enable swift adherence. The role also will apply knowledge of laws, rules, regulations, and information security concepts (e.g., NIST, COBIT, ISO) to establish and maintain policies, validate alignment of processes and controls to requirements, report on adherence to policy requirements and maintain governance programs related to IAM Standard controls. Job expectations include using data analytics, governance process management, and partnering with internal teams to verify policy compliance, identify gaps in coverage, and support remediation activities.
Responsibilities
Establish and maintain strong partnership with other Global Information Security (GIS) functions, Global Technology (GT), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal audit, and external regulatory agencies. Provide audit and regulatory responses within the specified periods. Perform Quality Assurance activities to support access control compliance and control metrics. Support and monitor GT application compliance to controls. Oversee and drive governance program, support program inquiries, updating source of record, manage ARM ticketing queue, and maintain program documentation. Maintain QA documentation, audit documentation, and training materials. Drive Quality Assurance Governance for End User Access Management & Application Services. Maintain exceptions to IAM Standard according to governance processes. Ensure IT systems meet enterprise standards, adhere to applicable rules, laws, and regulations, and comply with appropriate risk appetite. Assist with Software Development Life Cycle (SDLC) and testing of application changes with signoff prior to implementation.
Required Qualifications
5+ years relevant hands-on experience in identity and access certification related fields in a large and complex organization. 3-5 years’ experience implementing IAM Cloud solutions, controls, and capabilities. Proficient in articulating facts and data-driven plans and ability to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to relevant Access Management requirements within IAM Standard. Operational experience (i.e. governance, documentation/playbooks/inquiry response knowledge). Strong attention to detail, advanced analytical skills, and quality assurance experience. Excellent communication and presentation skills. Excellent organizational skills and ability to effectively prioritize multiple tasks. Proficient in data management with advanced understanding of metadata collection and management. Experience with Tableau and SQL.
Shift:
1st shift (United States of America) Hours Per Week:
40
Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. To view the Know Your Rights poster, visit the EEOC page: https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12.pdf View the LA County Fair Chance Ordinance: https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notic Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy establishes requirements to prevent presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern.
#J-18808-Ljbffr