Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Position Summary:

The Risk Lead provides governance, oversight, and proactive management of all risk related items across the External Networks Perimeter & Threat Prevention team. This role ensures timely remediation of all risks, including, but not limited to vulnerabilities, Non-Permitted Technologies (NPT), RISE deliverables, ERPs, xIAI, and certification renewals. This role also ensures requirements of the Global Compliance Enterprise Policy, the Operational Risk Management Enterprise Policy (collectively “the Policies"), the Compliance and Operational Risk Management Program and Standard Operating Procedures are implemented and identifying, challenging, escalating, and mitigating risks in a timely manner and meeting the SLA. Partnering with Global Risk Management organization, which is responsible for ensuring “best-in-class" and consistent risk committee governance practices across the company. We are seeking a highly motivated, detail-oriented individual to support risk governance and risk remediation deliverables.

Required Qualifications:

3+ years engineering experience in Threat Prevention / Content Inspection technologiesExperience with web proxies for advanced content filtering (i.e. McAfee Web Gateway)Experience in malware prevention and data loss prevention systems, including Day Zero threat prevention (i.e. FireEye)Fundamental networking concepts of DNS, DHCP, Firewalls. Load balancing, IPS, basic routing/switching; excellent understanding of TCP/IP and packet analysisExperience in creating Application and network diagrams including all pertinent flows and decisions.Capability to summarize complex issues into executive summariesBasic understanding of Cryptography, SSL certificates, SSL decryption / offload methodologies, HSM/HSMaaS

Desired Qualifications:

Experience with log analysis/reporting tools (e.g. Splunk)Strong written/verbal skillsStrong documentation skillsBasic programming/scripting (e.g. Python)Strong networking backgroundDeveloping application and network diagrams including all pertinent flows and decisionsCapability to summarize complex issues into executive summaries

Skills:

Analytical ThinkingApplication DevelopmentProduction SupportRisk ManagementSolution DesignAutomationBusiness AcumenDevOps PracticesSolution Delivery ProcessStakeholder ManagementAdaptabilityArchitectureInnovative ThinkingProject ManagementTechnical Strategy Development

Shift:

1st shift (United States of America)

Hours Per Week: 

40