Third Party Cyber Assurance (TPCA) Assessor
Company: Disability Solutions
Location: Chicago
Posted on: November 16, 2024
Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We're devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Description:

The Third Party Cyber Assurance (TPCA) Assessor will conduct assessment activities for information security assessments where responsibilities span pre-assessment, assessment, and/or remediation activities for 3rd Party vendors providing services to Bank of America. The role will be responsible for coordinating, conducting and providing assessment results for cyber security, business continuity, and other technical domains. Conducts investigations and reviews, and determines assessment findings/gaps as a result of an in-depth review of documents relevant to compliance with industry standards, corporate regulations and risk frameworks. Develops and maintains assessment findings, documentation, and relevant metrics to ensure appropriate risks are documented, communicated and monitored. Assists in the development of reports and metrics to effectively communicate to senior leadership the associated risk around the assessment findings. Requires an understanding of, and the ability to implement, an Enterprise Governance, Risk Management, and Compliance framework.

Job Responsibilities
- Evaluates a 3rd Party's information security risk with a
holistic lens to determine if they meet Bank of America
requirements.
- Partners with 3rd Parties to ensure they are prepared for the
assessment, understand the question set, and the specific evidence
details required.
- Identifying and escalating risks that may affect 3rd Party
information security policies, standards, and procedures that do
not meet corporate requirements, and communicating/discussing them
with Global Teams such as Subject Matter Experts (SMEs) and Front Line
Units (FLU)/Lines of Business (LOB).
- Managing, building, and maintaining positive internal/external
relationships and routines with the global team (Third Party
Assessment Team, Enterprise Vendor Managers, Third Party Portfolio
Executives and Business Information Security Officers (BISOs)).
- Provides related support for audit, compliance, or regulatory
requests, on occasion with quick turnaround deadlines.

Skills Required:
- The ability to objectively assess information from various
sources and synthesize it towards making a reasoned technical
judgment.
- Previous information technology/security audit/assessment
experience preferred.
- Technical skills include the domains of information security
and business continuity including:
  - Information Security Controls (Infrastructure Security, Access
  Management, Application Security, Physical Security, etc.)
  - IT Compliance, SOX Compliance
  - Change Management
  - Enterprise Risk Management
- Solid grasp of NIST, PCI, ISO, SDLC, COBIT, and ITIL
standards
- Ability to review endpoint protection i.e. anomaly detection,
malware protection, DLP, HIPS/HIDS.
- Ability to review cloud implementation and preventive,
detective and technical controls within the cloud environment.
- Ability to communicate clearly and effectively with both
technology/development and business partners - ability to translate
between these two constituencies.
- Excellent technical writing and verbal communication skills in
English.
- Excellent organizational and administrative skills.
- Ability to coordinate multiple assessment activities in
parallel and work both independently as well as part of an
assessment team.
- Naturally inquisitive and keen to learn.
- Ability to effectively work with partners at varying knowledge
and organization levels.

Desired Skills:
- Information Security certifications, such as ISO27002 / CISSP /
CEH / CISM / CISA
- Knowledge of NIST guidelines

Additional Skills:
- Critical Thinking
- Data Privacy and Protection
- Information Systems Management
- Problem Solving
- Technology System Assessment

This job will be open and accepting applications for a minimum of seven days from the date it was posted.

Shift: 1st shift (United States of America)

Hours Per Week: 40

Pay Transparency details

US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842)

Pay and benefits information

Pay range: $91,800.00 - $139,200.00 annualized salary, offers to be determined based on experience, education and skill set.

Discretionary incentive eligible

This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.

Benefits

This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.