Info Security Controls Specialist I B

Job Description:

About Us

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection.  Responsible Growth is how we run our company and how we deliver for our clients, teammates, communities, and shareholders every day.

One of the keys to driving Responsible Growth is being a great place to work for our teammates around the world. We’re devoted to being a diverse and inclusive workplace for everyone. We hire individuals with a broad range of backgrounds and experiences and invest heavily in our teammates and their families by offering competitive benefits to support their physical, emotional, and financial well-being.

Bank of America believes both in the importance of working together and offering flexibility to our employees. We use a multi-faceted approach for flexibility, depending on the various roles in our organization.

Working at Bank of America will give you a great career with opportunities to learn, grow and make an impact, along with the power to make a difference. Join us!

Global Business Services

Global Business Services delivers Technology and Operations capabilities to Lines of Business and Staff Support Functions of Bank of America through a centrally managed, globally integrated delivery model and globally resilient operations. Global Business Services is recognized for flawless execution, sound risk management, operational resiliency, operational excellence, and innovation. In India, we are present in five locations and operate as BA Continuum India Private Limited (BACI), a non-banking subsidiary of Bank of America Corporation and the operating company for India operations of Global Business Services.

Process Overview

Global Exception Management (GEM) team, is responsible for the governance of exceptions based on required approvals including tracking, reviewing, expiring exceptions, and revoking based on GIS standards and policies. Also, the team responsible to test/evaluate web browsers and their functionality and provide inputs to the product SME’s

Job Description*

Includes performing due diligence of policy exception requests to ensure appropriate approvals and justifications are provided, as well as provisioning and de-provisioning of the exceptions.  Also includes testing websites using the bank’s Secured browser and sharing results with process SME’s. Knowledge of Information Security Policies and Cyber security tools and technologies including experience in testing features, functionalities and components of these technologies is recommended.

Responsibilities*

• Evaluate categorization of different websites and their behaviors, including available functionality, and provide inputs/results to SME’s  
• Work in geographically spread team that works on a 12 x 7 rotational shifts model
• Provision and de-provision of exceptions after performing due diligence  
• Categorization and un-categorization of URL’s in coordination with vendors
• Collaborate with teams within and outside GIS to support incidents and handle escalations
• Create reports based on the KPI’s/metrics defined for the process

Requirements*

Education*  - BE/BTECH/MCA/MSC (IT) equivalent (Any Technical Degree)

Certifications If Any* - Comp TIA Security+ or any equivalent (Preferred, but not mandatory)

Experience Range* - 5 -10 years of experience

Foundational Skills*

• Knowledge of the architecture and functionality of different web browsers
• Experience in troubleshooting browser and access related issues for end users
• Knowledge of categorization of websites, features and their behaviors
• Understanding of pre-prod/prod environments, deployment of rules/policies,
• Understanding of Data Loss Prevention (DLP) and malware security controls
• Must be flexible to work in any shifts covering 12/7 support model
• Understanding of exceptions management, and access provisioning/deprovisioning
• Knowledge of cyber threats, vulnerability, and risk management
• Experience working in ticketing tools, such as Remedy or Jira, and ability to run queries in Splunk for troubleshooting proxy/access issues
• Continuously learn and adapt to new tools, processes and technologies.
• Ability to work effectively with business owners and provide support
• Excellent communication skills and the ability to articulate the accomplishments

Desired skills*

• Knowledge of browser design, deployment and maintenance of configurations across enterprise
• Integrating browser security with identity & access management, endpoint protection, and DLP
• Develop and enforce browsing policies aligned with compliance frameworks like NIST, GDPR etc.
• Monitor browser activity for anomalies, threats, and policy violations  
• Knowledge of automation tools such as Python, Para soft etc.
• Network / Systems / Information Security Administration

Work Timings* - 6:30 AM to 3:30 PM or 2:30 PM - 11:30 PM IST - Rotational Shift

Job Location* - Chennai, Hyderabad