Global Information Security Regulatory Management Specialist Denver, Colorado **To proceed with your application, you must be at least 18 years of age.** Acknowledge Refer a friend **To proceed with your application, you must be at least 18 years of age.** Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Denver/Global-Information-Security-Regulatory-Management-Specialist\_25033518) **Job Description:** At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us! GIS Policy Regulatory Management Specialist represents Global Information Security (GIS) while working with Compliance, Risk, Legal, FLU's and Enterprise functions, consulting on all regulations with Global Information Security applicability. Expected to read published laws rules regulations and guidance’s (LRRGs), understand how they apply to GIS and map them to GIS policy. Maintain the inventory of LRRGs and mappings in the system of record and update the mappings as needed when policy language changes. Must be able to assess regulatory requirements against GIS policy, controls and assessment proof points. Drive action plans to address any regulatory gaps and ensure accurate risk and compliance reporting. Will work closely with subject matter experts including GIS Policy, Risk, Audit, Lines of Business, Legal, Compliance and external regulators as needed. Additional expectations of role: • Ensure Laws, Rules, Regulations and Guides (LRRGs) in the GIS inventory are mapped to GIS policies and identified gaps are addressed to ensure policy coverage of regulatory requirements, industry standards and best practices. • Breakdown and map assigned Laws, Rules, Regulations and Guides (LRRGs) to GIS policy requirements • Raise any identified policy language gaps to be validated and remediated • Perform Impact Assessments for any GIS policy changes (standards and baselines) to ensure coverage is maintained to aligned LRRGs • Perform Impact Assessments for GIS Policy Exception Types to ensure a policy violation is not created based on aligned LRRGs • Maintain accurate data for all LRRGs and GIS policy mappings in the system of records through BAU and QA routines • Publish routine reports for Regulatory Landscape, metrics, newsletters, etc • Maintain process documentation and playbooks • Analytical mindset and teamwork to support and improve the GIS Policy Governance ecosystem. • Technical and business knowledge to ensure policy language gaps are covered by policy and have aligned controls. • Result-oriented, business focused, and successful individual to interface across multiple organizational units, at various levels. • Knowledge/experience/exposure with information security topics, including the design, development, testing, implementation or governance of information security practices and solutions • Knowledge of access management/risk identification and mitigation/project management skills. Minimum Years of Experience 5 Required Qualifications: • Previous experience in Information Technology / Information Security • Ability to identify, analyze and address problems to resolve issues whenever possible in a way that minimizes negative impact and risk to the organization • Strong critical thinking/analytical skills/problem solving/conceptual thinking • Highly effective written and verbal communication skills. • Microsoft Office Proficient (Excel, Word, Outlook, Visio, PowerPoint, etc.) • Ability to communicate complex information in simple terms (oral and written) • Strong organization skills with the ability to prioritize requests and workload accordingly • Strong analysis and fact-based decision-making • Strong leadership skills and qualities which enable you to work with peers and various levels of management • Proven ability of risk oriented approach and Strong risk management acumen. • Influence horizontally and vertically across the organization and diverse audiences with varying degrees of technical understanding • Ability to work independently on initiatives with little oversight. • Motivated and willing to learn. • Quick learner and self-starter Desired Qualifications • 5 years of experience operating within an information security environment. • Bachelor's degree in Information Technology or related field • Prior Governance, Compliance, and or Audit experience desired. • Broad awareness of information security operations and/or enterprise information technology (Enterprise data management, application development, network management). • Familiarity with independent audit, assessment, QA/QC functions desired. • Leadership competency in geographically diverse matrixed environment. • Must be comfortable communicating technology impacts and risk to various levels of executive management understanding the need to tailor and deliver appropriate content for given audience. • Ability to work with Technical and Non Technical business owners • Experience with Project Management or working with Project Managers **Skills:** + Customer and Client Focus + Interpret Relevant Laws, Rules, and Regulations + Policies, Procedures, and Guidelines + Problem Solving + Quality Assurance + Business Acumen + Controls Management + Innovative Thinking + Process Management + Stakeholder Management + Business Process Analysis + Data Governance + Data Privacy and Protection + Data and Trend Analysis + Risk Analytics This job will be open and accepting applications for a minimum of seven days from the date it was posted. **Shift:** 1st shift (United States of America) **Hours Per Week:** 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. To view the "Know your Rights" poster, CLICK HERE (https://www.eeoc.gov/sites/default/files/2023-06/22-088\_EEOC\_KnowYourRights6.12.pdf) . View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf) . Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment. To view Bank of America’s Drug-free Workplace and Alcohol Policy, CLICK HERE . Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work. This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.