Overview (Bank of America overview, BA Continuum India overview, Business Overview)
Bank of America is one of the world’s leading financial institutions, serving individual consumers, small and middle-market businesses and large corporations with a full range of banking, investing, asset management and other financial and risk management products and services.
We are committed to attracting and retaining top talent across the globe to ensure our continued success. Along with taking care of our customers, we want to be the best place for people to work and aim at creating a work environment where all employees have the opportunity to achieve their goals.
We are a part of the Global Business Services which delivers technology and operations capabilities to Bank of America lines of business (LOB) and enterprise functions.
Our employees help our customers and clients at every stage of their financial lives, helping them connect to what matters most. This purpose defines and unites us. Every day, we are focused on delivering value, convenience, expertise and innovation for individuals, businesses and institutional investors we serve worldwide.
**BA Continuum is a nonbank subsidiary of Bank of America, part of Global Business Services in the bank.
Global Banking & Markets division serves mid- to large-sized corporations and institutional clients worldwide. It is comprised of Business Banking, Global Commercial Banking, Global Corporate & Investment Banking, Global Markets and Wholesale Credit. Aligned with these client-facing groups are Global Capital Markets and Global Research. The Shared Technology Platforms is a portfolio under the GBAMT Strategy, Architecture and Core Platforms portfolio. The portfolio is responsible for designing, building and maintaining high performing software systems that are used by the Global Banking and Markets Technology employees globally. These are Technology for Technology tools that cater to varying project management needs including but not limited to forecasting, hiring, resource lifecycle management etc
A senior professional who has at least 14-18 years’ experience in Internal Audit, IT Risk Management and/or Information Security Management, preferably from IT/ITES industry and/or Big 4 Audit Firms.
The position will involve working closely with technology teams to assess the soundness of the control environment. The role will include understanding the operational risk within the functions, providing related risk assessment and acting as an advisor to the business on risk issues. GBAM Tech has large number of application(s) and platform(s) that undergoes periodic access review in order to comply with the access review requirement of The Bank. The role of the candidate is to work on multiple Identity and Access Management deliverables with stakeholders across the globe to ensure compliance to the Bank’s policies and Identity and Access Management program requirements. The tasks include monitoring status of periodic access review completion and reporting violations, work with GIS ensuring revocation of accounts within agreed SLA, validate completeness and accuracy of user accounts, entitlements and associated permissions of Third Party application. Also this person has to work with app managers to understand the root cause of STR failures, handle aged revocations, toxic combination access remediation’s etc.
Enable strong operational risk management – Identify, escalate & debate risks across business units.
Partner with key Technology Managers to monitor and manage various risk and quality assurance programs across the firm.
Partner with Technology Management audit to identify, document and report self-identified audit issues
Work with application managers and risk leads of the Business Technology Group
Build and maintain strong partnership with Business stakeholders and be responsible for Quality Delivery.
Act as a lead of the team from BACI side
Setup meetings with stakeholders, callout action items and follow-up pending items to closure.
Be able to work on large data handling and publish weekly progress dashboard.
Support technology teams in supporting firm-wide risk programs (i.e. delivering requested artefacts, verifying completeness / accuracy)
Periodic testing of key controls for critical functions and supporting gap remediation as needed.
Support delivery teams on Issues management and Audit management.
Support day to day relationship management and communications with business partners at various levels of the organization, as well as other Enterprise Control Functions (ECFs).
Sound knowledge of Microsoft Office applications – PowerPoint, Excel and Word and ability to work on these without any support.
Education: Master in Computer Application/ Bachelor of Technology/ Bachelor of Engineering.
Certifications (Optional): CISA, CISM, CRISC, CISSP, ISO 27001
Experience Range: 14 -18 years
Solid understanding of a risk control framework (i.e., inherent risks, control procedures, residual risk, etc.)
Deep subject matter knowledge: Understanding and experience on technology processes including:
Software Development: Methodologies (SDLC, RAD, Agile, DevOps)
SDLC Phases: Application Development, Application Maintenance and Production Support, Quality Assurance Testing etc.
Infrastructure Management: Incident and Problem Management, Change Management, Server and Network services, End-user computing.
Information Security and Business Continuity.
Demonstrable IT Risk Management skills including experience in auditing of IT general controls.
Risk Sensitive: Ability to identify and evaluate potential risks and appropriately identify and engage stakeholders for discussion, escalation and resolution. Strong analysis and fact-based decision making. Expected to look beyond the issue at hand and raise questions.
Communication: Proven ability to communicate complex information in simple terms (oral and written). Influence horizontally and vertically across the organization and diverse audiences. Will work both independently and as part of a team and be expected to develop relationships with other Delivery, Control Function, Compliance and Risk groups.
Research: Strong research skills, familiarity/comfort with multiple data/information sources; ability to synthesize findings into a succinct summary/conclusion.
Self-directed: Ability to prioritize work activity to maximize performance against agreed targets.
Thorough knowledge of metrics based risk management.
Strong analytical skills
A proactive approach to problem solving and think innovatively
Job Location: Chennai
Work Timings: General Shift (12:00 PM to 9:00 PM)