Assessment Preparation Analyst

  • Bank of America
  • Aug 31, 2019
Full time Intelligence Fraud

Job Description

The Third Party Information Security (TPIS) function within Global Information Security is responsible for oversight of third party security programs, including assessing third party security programs and maximizing protections for all aspects of security for the third party landscape. The TPIS assessment preparation team member will assist in assessment scope determination, meeting with the enterprise vendor manager and vendor to prepare them for the assessment, documentation collection (e.g., TruSight or vendor-provided policies/procedures), and preparation of assessment workpapers.

Your primary responsibility will be to ensure each third party is prepared for the assessment and to gather an understanding of the third party security environment. You'll meet with Enterprise Vendor Managers and Vendors and act as the single point of contact to prepare the vendor for the assessment and answer detailed questions. You will talk with the vendor's security team to understand the control environment, control strength and health, and review information security policies/procedures for completeness. Based upon your meetings, you will populate the assessment workpapers with your information for the third party assessors to document gaps and determine remediation approaches.

Required Skills
  • Background in information security or risk management
  • Outstanding verbal and written communication skills
  • Ambitious, disciplined, hardworking, resilient and willing to learn
  • Risk management focused with a passion for excellence and positive team attitude
  • Ability to think logically
  • Highly organized, with project management skills
  • Strong time management skills
Desired Skills
  • Bachelor's degree in Information Technology, information security or related field
  • Strong analytical skills/problem solving/conceptual thinking
  • Ability to work with technical and non-technical business owners
  • Optional Certifications: CISSP (ISC2), CISA, CRISC, CISM (ISACA), CCIE (Cisco), TOGAF, CCTA (McAfee), CCFP (ISC2).



1st shift (United States of America)

Hours Per Week: