Business Information Security Officer (BISO) - Technology

Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day. The Information Security Officer will be a member of the Business Information Security Officer's (BISO) organization and work closely with the line of business, their COOs, and supporting technology teams from the Chief Information Officers (CIOs)/Chief Technology Officers (CTOs). In this role, you will support a team to develop a deep understanding of the business to have specialized, risk-based information security discussions. This relationship will ensure a focus on the right risk priorities. You will also provide guidance on information security topics, policies, and controls. Scale/Scope: Contribute to ongoing information security initiatives, development, implementation, and maintenance for the line of business (LOB). Serve as an Information Security subject matter expert and liaison with GIS teams; participate in developing, implementing, and maintaining information security programs for both the LOB and the enterprise. Provide guidance and advocacy on prioritizing LOB investments impacting information security. Advise LOB management on risk issues related to information security and recommend actions supporting the bank's wider risk management and compliance programs. Monitor internal and external information security trends and keep LOB leadership informed about related issues. Manage information security control alignment reporting to LOB Leadership. Risk Management: Drive GIS/LOB risk deliverables. Collaborate with risk partners on critical information security priorities. Participate in senior LOB-specific Risk Management & Business Continuity routines. Identify and measure global information security (GIS) controls on critical business processes or channels. Required Skills: 2-5 years of experience in technology and over 5 years in information security. Subject matter expertise in application security, vulnerability testing, system testing, and/or Agile lifecycle management. Strong LOB knowledge/experience relevant to the business they are aligned with (e.g., CSBB/GBM). 1-2 years of risk management experience or direct participation in risk management processes, including application risk classification and control assessments. Excellent presentation and communication skills. Shift: 1st shift (United States of America) Hours Per Week: 40 Pay Transparency details US - DC - Washington - 1800 K St NW; US - IL - Chicago - 540 W Madison St Pay range: $98,200.00 - $146,600.00 annualized salary, determined based on experience, education, and skills. This role is eligible for participation in the annual discretionary plan, with awards based on individual performance, team contributions, and overall company success. Benefits: This role is benefits eligible. We offer industry-leading benefits, paid time off, and resources to support our employees' well-being and community impact. #J-18808-Ljbffr