Bank of America

Cyber Security Risk Analyst

Bank of America

full-time

Posted on:

Location Type: Office

Location: DenverColoradoDistrict of ColumbiaUnited States

Visit company website

Explore more

AI Apply
Apply

Salary

💰 $95,000 - $143,600 per year

About the role

  • Assist in assessment scope determination
  • Meeting with Enterprise Vendor Managers and Third Party Subject Matter Experts (SME’s) to prepare them for the assessment
  • Documentation collection (e.g. TruSight or vendor provided policies/procedures)
  • Preparation of assessment work-papers
  • Ensure each third party is prepared for the assessment and gather an understanding of the third party security risk environment
  • Interact regularly with Enterprise Vendor Managers and Third Parties and act as single point of contact to prepare the Third Party for the assessment and while answering detailed risk questions
  • Engage with the Third Parties security team to understand their control environment, control strength, and review information security policies/procedures for completeness
  • Populate the assessment workpapers with detailed information for the third party assessors to document gaps and determine remediation approaches.

Requirements

  • 2+ years in Information Security, Risk Management, or related discipline
  • Exhibits a consistent investigative, risk focused mindset
  • Outstanding verbal and written communication skills
  • Strong analytical and critical thinking abilities with a logical, structured problem-solving approach
  • Resilient, disciplined, and self-directed
  • Ability to engage, challenge, and collaborate effectively with business and non-technical owners
  • Strong growth mindset with a willingness to expand risk and technical knowledge
  • Ability to manage competing priorities and shifting timelines without compromising quality.
  • Bachelor’s degree in Information Technology, Information Security or related field
  • Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2).
Benefits
  • Discretionary incentive eligible
  • Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.
  • This role is currently benefits eligible.
  • We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
Information SecurityRisk ManagementAnalytical skillsProblem-solvingDocumentation collectionAssessment preparationControl environment reviewInformation security policiesRemediation approaches
Soft Skills
Verbal communicationWritten communicationAnalytical thinkingCritical thinkingCollaborationResilienceDisciplineSelf-directionGrowth mindsetTime management
Certifications
CISSPCISACRISCCISMCCIETOGAFCCTACCFP