Director, IT Cybersecurity
JSR Micro, Inc.
CloudCyber Security
Senior Information Security Officer – Generative Artificial Intelligence
Bank of America
full-time
Posted on:
Location Type: Hybrid
Location: Denver • Colorado, Illinois, New Jersey • 🇺🇸 United States
Visit company websiteSalary
💰 $141,700 - $206,900 per year
Job Level
Senior
Tech Stack
CloudCyber Security
About the role
- Leads cybersecurity risk assessments of Generative AI use cases, including assessment of the inherent risk and control effectiveness
- Guides business leaders and technology organizations on initiatives requiring Global Information Security engagement and/or manage problem resolution on cyber security related issues
- Serves as a common risk control partner to identify emerging security risks in the portfolio
- Drives adherence and appropriate risk tolerance levels, operating in accordance with the information security policies defined to protect against threats to data confidentiality, integrity, and availability
- Promotes awareness of current and emerging cybersecurity threats and advise on potential information security exposure
- Facilitates risk reviews across logical and physical boundaries to identify gaps and recommend secure designs
- Interprets the information security requirements outlined in policy, standards and procedures as well as reinforces requirements through education and awareness
- Leads as a "security ambassador" to help business leaders drive strategic and innovative risk mitigation priorities and navigate the Global Information Security organization
Requirements
- 8+ years of experience in cybersecurity, with at least 2 years focused on cyber assessment of Artificial Intelligence or Machine Learning systems
- A deep understanding of Generative AI/Large Language Models and assessment frameworks including MITRE ATLAS, OWASP Top 10 for LLM and GenAI, and NIST AI RMF
- In-depth knowledge of cybersecurity threats, controls and technologies, with a deep understanding/experience with software developer experiences to bridge the gap between the theoretical and practical application
- Ability to apply knowledge of internal and external information vulnerabilities to evaluate the degree of threat to an information system and answer tactical questions about current operations, predict future behavior or recommend appropriate mitigation countermeasures
- Ability to manage and design controls that may contribute to a remediation plan developed to address policy, technology, environmental, and/or operational gaps
- Ability to bring multiple stakeholders together, including senior business and technology leaders, and cut to the heart of issues to reach consensus
- Ability to decompose complex issues and drive timely decisions, knowing when to engage others for additional input, and when to act independently
- Bias for action and a commitment to build partnerships in a dynamic risk & threat driven environment
- Strong interpersonal skills; ability to make effective presentations and communicate technical concepts to non-technical parties
- Ability to identify, measure, monitor, and control risk as part of daily business activities, with a focus on specific risk types (e.g., Strategic, Credit, Market, Liquidity, Operational, Compliance, Reputational)
- Ability to design, architect, analyze, support, and secure cloud-based workloads
- Excellent communication, influencing and facilitation skills
Benefits
- industry-leading benefits
- access to paid time off
- resources and support to our employees
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard skills
cybersecurityGenerative AILarge Language Modelscyber assessmentMITRE ATLASOWASP Top 10 for LLMNIST AI RMFrisk managementcloud securityinformation security controls
Soft skills
interpersonal skillscommunication skillspresentation skillsproblem resolutionstakeholder managementdecision makingconsensus buildingpartnership buildinginfluencing skillsfacilitation skills
