Third Party Cyber Assessor

About The Position

Requirements

• 2+ years as a cyber Assessor.
• Experience in Information Security and/or IT Audit
• Technical writing and verbal communication skill
• Ability to effectively work with partners at varying knowledge and organization levels.
• Ability to communicate clearly and effectively with both technology/development and business partners – ability to translate between these two constituencies.
• Technical skills include the domains of information security and business continuity including: Information Security Controls (Infrastructure Security, Access Management, Physical Security, Application Security, etc.) IT Compliance, SOX Compliance Change Management Enterprise Risk Management
• Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL standards

Nice To Haves

• Information Security certifications, including ISO27002 / CISSP / CEH / CISM / CISA
• Knowledge of NIST guidelines

Responsibilities

• Partners with third parties to ensure they are prepared for information security assessments including answering detailed questions
• Evaluates a third parties information security risk with a holistic lens to determine if they meet Bank of America requirements
• Discusses any information security gaps in the service provider's program with the third party
• Escalates issues or risks identified during the assessment
• Manages relationships with third parties and Enterprise Vendor Managers
• Must be able to travel up to 10-15% (ie: once every other month)
• The ability to interact with internal or external stakeholders including business partners and/or external parties to identify, analyze, and resolve complex problems or security gaps.
• The ability to objectively assess information from various sources and synthesize it towards making a reasoned judgment
• The ability to assess the security, effectiveness, and practicality of technology systems

Benefits

• access to paid time off
• resources and support to our employees