Information Security jobs in United Kingdom

Job Description:

Job Title: Information Security Senior Risk Manager

Corporate Title: SVP

Location: Chester/London

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Job Overview:

The Information Security Senior Risk Manager is aligned to the EMEA Regional Information Security Office and will be based in Chester, reporting into the Regional Information Security COO. This role will act as senior information security risk specialist and will work with the senior leadership team on defining, implementing, and delivering the overall risk agenda. This will ensure a focus on the risk priorities relating to information security. To achieve this, they will leverage the regional risk team as well the wider regional and global information security functions and enterprise partners, as needed.

Key Responsibilities:

• Provide advisory and oversight on information security risks and be a trusted advisor to senior management and country information security officers.
• Keep abreast of the evolving cyber security and regulatory landscapes and develop appropriate risk management and governance solutions & insights.
• Manage the risk identification and intake process for the region and ensure risks and issues are appropriately discussed, prioritized, and remediated.
• Assess and discuss risk and issues in a regional context, with a lens on differences in markets and regulatory environments.
• Drive or participate in periodic deep dives and tabletop exercises to ensure processes stay current.
• Collaborate with regional and global Information Security functions to prevent, detect, mitigate, and respond/recover to information security issues.
• Partner closely with wider technology groups to ensure information security risks are socialized and timely remedial action is taken.
• Drive awareness activities in the region based on the risk and threat landscape.

What we are looking for:

• Extensive technology risk management experience with proven ability to effectively apply risk principles to challenging business situations.
• Subject matter expertise in information security; including application security, development of risk appetite metrics and experience in understanding and evaluating cyber security controls.
• Track record of creating scalable processes with regards to governance, risk assessment, risk transparency and assurance.
• Exceptional executive presentation and communication skills with excellent influencing and problem-solving abilities.
• Extensive experience in data visualization and storyboarding for an executive audience.
• Practical experience in NIST Cybersecurity Framework or related frameworks and their application.
• Practical and current risk management experience in both UK and EU regulatory environments (mandatory).
• Ability to comfortably deliver messages across a wide spectrum of individuals having varying degrees of technical understanding.
• Leadership skills and qualities which enable you to work with peers and various levels of management, including senior management.

Desired skills:

• Bachelors and/or Master’s degree in Computer Science, Information Technology or related field.
• Relevant information security certifications such as CISSP, CISM, CISA or similar.

Bank of America

Good conduct and sound judgment is crucial to our long term success. It’s important that all employees in the organisation understand the expected standards of conduct and how we manage conduct risk. Individual accountability and an ownership mind-set are the cornerstones of our Code of Conduct and are at the heart of managing risk well.

We are an equal opportunity employer, and ensure that no applicant is subject to less favourable treatment on the grounds of gender, gender identity, marital status, race, colour, nationality, ethnic or national origins, age, sexual orientation, socio-economic background, responsibilities for dependants, physical or mental disability. The Bank selects candidates for interview based on their skills, qualifications and experience.

We strive to ensure that our recruitment processes are accessible for all candidates and encourage any candidates to tell us about any adjustment requirements.