Third Party Cyber Risk Assessor
Job Description:
Job Title: Third Party Cyber Risk Assessor
Corporate Title: Up to Vice President
Location: Dublin or Chester
Company Overview:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.
One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.
Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.
Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference.
Role Description:
In this role, you’ll conduct security reviews of third-party vendors, including pre-assessment, assessment, and remediation activities. Your work directly supports our commitment to safeguarding the Banks’ services. This role requires travel at least 50% of time. Applicants must be eligible to travel within EMEA.
Responsibilities:
- Validating assessment scope.
- Partnering with vendor managers and third parties to answer detailed questions.
- Preparing them for assessment.
- Collecting and reviewing documentation.
- Evaluating a third party’s information security risk with a holistic lens.
- Identifying and discussing any information security gaps in the service provider's program with the third party.
- Determining if appropriate information security controls are in place.
- Escalating security issues or risks identified during the assessment.
- Completing assessment work papers.
- Producing assessment summary reports detailing the gaps identified and the potential impact and recommendations for mitigating the risk.
What we are looking for:
- A broad knowledge of IT, information security, and business continuity principles and concepts.
- Technical knowledge of a wide range of information security controls and the processes used for evaluating their design and effectiveness.
- A technical background in IT and networks having worked in a technical area and gained a deep understanding of the technology.
- A good understanding of cyber risks and controls and how they relate to current and emerging technologies.
- Critical Thinking skills – Ability to analyse complex security challenges and devise effective solutions.
- Problem Solving abilities– Proactive approach to addressing security issues and vulnerabilities.
- Technology System Assessment – Previous involvement in evaluating third-party systems for security risks.
- Customer and Client Focus – Ability to understand stakeholder needs and provide relevant security guidance.
- An ambassador for Bank of America always presenting a professional demeanour to external parties especially when faced with challenging situations.
- Effective Oral Communication skills – Articulating security findings and recommendations clearly to technical and non-technical audiences.
- Vendor Management experience – Coordinating security assessments with external vendors.
- Ability to work independently and able to prioritise conflicting tasks.
- Flexibility and the ability to adapt easily and quickly to new and changed processes.
- Understanding of System Architecture – Awareness of how system architecture impacts security.
- Consulting skills – Providing advice on security best practice.
Bank of America
Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.
We are an equal opportunity employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependents, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.
We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
