26 days old

Sr. Business Control Specialist, Core Technology Infrastructure

Jersey City, NJ 07308
Sr. Business Control Specialist, Core Technology Infrastructure



Charlotte, North Carolina;Jersey City, New Jersey; Elgin, Illinois; Richmond, Virginia



**Job Description:**



The Global Cloud Governance Forum (GCGF) Operations Risk team is responsible for monitoring applications that utilize external Cloud or Vendor-hosted Multi-tenant environments. Netskope is a data collection tool organized by Global Information Security (GIS) to track the download and upload of traffic external to the Bank. Global Cloud Governance Forum GCGF continuous cloud monitors include tracking and driving compliance of download and upload workloads.



GCGF risk team identifies applications that require GCGF governance approval. This data is analyzed to determine if a GCGF Use Case and/or other bank controls are required as well as monitor and escalate to completion. Role will also include third and fourth external cloud party governance risk scoring and evaluation with key control partners and the business.



Responsibilities include:



1. Reconcile the CSB findings with AppHQ and other System of Records to identify if activities are out of compliance and requires escalation and remediation

2. Assist in design and facilitation of review and decision processes for in/out-of-scope decisions and remediation planning

3. Participate collaborate end-to-end with Application Manager and/or Senior Leader Technology

4. Address risk challenger/partner/advisor as needed to ensure cloud controls coverage and effectiveness

5. Manage out of compliance threshold, training, awareness, escalations, exception, and emergency processes

6. Identify risk and implement process improvement of the GCGF processes

7. Produce weekly and monthly agendas, reports and minutes

8. Maintain upkeep of the official records and documents for preparedness in audits and examinations

9. Keep abreast of cloud strategy, policies, controls, regulations, industry best practices for financial services cloud computing



REQUIRED MINIMUM QUALIFICATIONS:



+ 10 years in ITSM disciplines including Technology, Operations, Risk, Security, Program/Project Management

+ 5 years of experience as focal point to Bank Audit or Targeted Risk Assessment

+ 5 years of management experience with a collaborative, customer-oriented and inclusive thought leadership style

+ Knowledgeable in BAC risk related policies and practices across GTO (i.e. GIS, Enterprise Data Management, Third Party Management, Risk and Compliance Management)

+ Strong attention to detail to meet the requirements of a high risk, highly regulated and often audited process

+ Strong ability to consolidate information into executive ready and audit ready presentations

+ Executive presence and ability to present and communicate information clearly to executive audiences and auditors.

+ Influential leader with the ability to persuade others

+ Knowledge of NIST, Cloud related frameworks and regulations and related BofA policies and standards.

+ Understanding of Cloud architectures and models (IaaS, SaaS, PaaS)

+ Certification in CISA, CISM, CRISC or CISSP helpfu

+ MS Excel, PowerPoint



**Job Band:**



H5



**Shift:**



1st shift (United States of America)



**Hours Per Week:**



40



**Weekly Schedule:**



**Referral Bonus Amount:**



0



**Job Description:**



The Global Cloud Governance Forum (GCGF) Operations Risk team is responsible for monitoring applications that utilize external Cloud or Vendor-hosted Multi-tenant environments. Netskope is a data collection tool organized by Global Information Security (GIS) to track the download and upload of traffic external to the Bank. Global Cloud Governance Forum GCGF continuous cloud monitors include tracking and driving compliance of download and upload workloads.



GCGF risk team identifies applications that require GCGF governance approval. This data is analyzed to determine if a GCGF Use Case and/or other bank controls are required as well as monitor and escalate to completion. Role will also include third and fourth external cloud party governance risk scoring and evaluation with key control partners and the business.



Responsibilities include:



1. Reconcile the CSB findings with AppHQ and other System of Records to identify if activities are out of compliance and requires escalation and remediation

2. Assist in design and facilitation of review and decision processes for in/out-of-scope decisions and remediation planning

3. Participate collaborate end-to-end with Application Manager and/or Senior Leader Technology

4. Address risk challenger/partner/advisor as needed to ensure cloud controls coverage and effectiveness

5. Manage out of compliance threshold, training, awareness, escalations, exception, and emergency processes

6. Identify risk and implement process improvement of the GCGF processes

7. Produce weekly and monthly agendas, reports and minutes

8. Maintain upkeep of the official records and documents for preparedness in audits and examinations

9. Keep abreast of cloud strategy, policies, controls, regulations, industry best practices for financial services cloud computing



REQUIRED MINIMUM QUALIFICATIONS:



+ 10 years in ITSM disciplines including Technology, Operations, Risk, Security, Program/Project Management

+ 5 years of experience as focal point to Bank Audit or Targeted Risk Assessment

+ 5 years of management experience with a collaborative, customer-oriented and inclusive thought leadership style

+ Knowledgeable in BAC risk related policies and practices across GTO (i.e. GIS, Enterprise Data Management, Third Party Management, Risk and Compliance Management)

+ Strong attention to detail to meet the requirements of a high risk, highly regulated and often audited process

+ Strong ability to consolidate information into executive ready and audit ready presentations

+ Executive presence and ability to present and communicate information clearly to executive audiences and auditors.

+ Influential leader with the ability to persuade others

+ Knowledge of NIST, Cloud related frameworks and regulations and related BofA policies and standards.

+ Understanding of Cloud architectures and models (IaaS, SaaS, PaaS)

+ Certification in CISA, CISM, CRISC or CISSP helpfu

+ MS Excel, PowerPoint



**Shift:**



1st shift (United States of America)



**Hours Per Week:**



40



Learn more about this role



Full time



JR-22033822



Band: H5



Manages People: No



Travel: No



Manager:



Talent Acquisition Contact:



Marzella Wilson



Referral Bonus:



0



Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity and affirmative action, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.




To view the "EEO is the Law" poster, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/eeopost.pdf) .


To view the "EEO is the Law" Supplement, CLICK HERE (https://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP\_EEO\_Supplement\_Final\_JRF\_QA\_508c.pdf) .



Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (Policy) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.




To view Bank of Americas Drug-free workplace and alcohol policy, CLICK HERE .

Industry

  • Banking / Finance
Posted: 2022-04-22 Expires: 2022-06-13

Success begins with building relationships.

At Bank of America, our customers are at the center of everything we do. Our focus is on helping each one find the right financial solutions. With a wide range of career opportunities available, we invite you to realize your career goals with us while assisting customers with what matters most to them.

Welcome to Careers at Bank of America.


Sponsored by:
ADP Logo
Sponsored by:
Bank of America Logo

Featured Jobs[ View All ]

Featured Employers

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Sr. Business Control Specialist, Core Technology Infrastructure

Bank of America
Jersey City, NJ 07308

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast