Bank of China USA
Bank of China USA, New York, New York, US, 10261
Chief Information Security Office - Security Services & Cyber Defense - Security Operation Center AVP
Established in 1912, Bank of China is one of the largest banks in the world, with over $3 trillion in assets and a footprint that spans more than 60 countries and regions. Our long-term outlook, institutional weight and global breadth provide our clients with a stable and reliable financial partner, whether in Corporate or Personal Banking or our Trade Services, Commodities, Financial Institutions and Global Markets lines of business.
Overview
The incumbent will provide Security Operation Center services to fulfill the bank’s information security program requirements, including real‑time response and analysis of security threats across enterprise systems. The role also supports Security Services & Cyber Defense, Governance, Compliance and Risk Management functions and manages SOC associates. The position works an 8‑hour shift rotation covering 24/7/365, including overnight, weekend and holiday service.
Responsibilities
Security Operation Center
Execute incident response protocols for responding to and escalating incidents in a timely manner.
Conduct initial incident response, including containment, documentation, and communication.
Conduct post‑incident reporting and analysis, maintaining detailed records of security events and actions taken.
Analyze security alerts and assess potential threats, staying updated on the current threat landscape and emerging attack techniques.
Team Management
Supervise a team of SOC Associates during assigned shifts, ensuring task coverage and operational readiness.
Enforce adherence to SOC Policies, Standards and Procedures and escalate deviations or issues as needed.
Participate in the review and improvement of incident response Policies, Standards and Procedures.
Security Services & Cyber Defense, Governance, Compliance and Risk Assessment
Execute Security Policies and Standards.
Manage assigned security monitoring tools.
Conduct vulnerability scans, patch management, Identity & Access Management, Penetration Testing, Data Privacy, Phishing and Training, audit affairs and risk assessment as needed.
Qualifications
Bachelor’s degree in Business, Computer Science, Management Information Systems, Engineering, Mathematics, or related field is required.
Minimum 4 years of full‑time work experience.
Minimum 3 years of work experience in Information Security, cybersecurity, vulnerability management, security architecture, network, security tools and computer systems administration.
Minimum 3 years of experience in risk management.
Good understanding of regulatory requirements including FFIEC, GLBA, NIST.
Knowledge of Information Security and Cyber Security best practices.
Knowledge of systems administration such as Windows Server, Active Directory management, firewall, UNIX system, network architectures, etc.
Knowledge of security tools such as SIEM, DLP, XDR, EDR, Web Filter, etc.
Good understanding of protocol behaviors and the validity of identified vulnerabilities.
CISSP, CRISC, or IT‑related certifications preferred.
Pay Range
Actual salary is commensurate with candidate’s relevant years of experience, skillset, education and other qualifications. USD $65,000.00 – USD $150,000.00 /Yr.