Bank of America GIS Exceptions Governance Manager in Chicago, Illinois

Job Description:

This position will be a member of the Global Information Security (GIS) Global Risk and Compliance (GRC) /Governance and Policy organization which is responsible for managing the GIS Governance and Policy Ecosystem, integrating regulatory impact assessment and cybersecurity policies, supporting risk and issues management, governance, and improvement of GIS policy and control functions. The GIS Governance Policy Ecosystem generates granular end-to-end mappings that drive debate on how to enhance cybersecurity policy, improve cybersecurity controls, meet regulatory mandates and address emerging cybersecurity threats.

The role collaborates with (GIS) Policy subject matter experts, control owners, business stakeholders, and other GT&O accountable parties in the course of GIS Governance & Policy work. Responsible for managing the GIS Policy Exceptions Management Governance Committee (GPEMC), coordinating projects, initiatives and actions to manage exceptions and non-compliance to Information Security Policy. Must be able to meet demands associated with managing multiple projects in a global environment.

The goals of the position will be to:

1) Support implementation and execution of governance routines to ensure appropriate review and timely disposition of information security exception types and the associated risk, in line with GIS/GTO risk governance framework

2) Identify and support efforts to automate and improve GIS policy exception management function to move to a proactive, efficient program based on foundation of effective risk management and risk prioritization

3) Support risk issue identification related to GIS Policy and Programs.

4) Support identification of thematic issues across exception type and ensure appropriate visibility with senior leaders by supporting escalation routines

5) Improve/develop routines and controls to ensure appropriate focus on exception management and risk reduction within defined timelines


• Advises senior management on issues related to policy exceptions and the risks and vulnerability associated with them. Recommends actions in support of the GIS Policy and the bank's wider risk management and compliance programs

• Contributes to quality control and reporting for exception functions

• Ensures compliance with policies and procedures

Risk Management

• Supports execution of exception management governance deliverables

• Participates in executive level Risk Management Routines including the management of the GPEMC

• Supports exception management and governance routines to drive disposition of GIS exceptions within defined timeframes


• Ability to build strong Partner relationships with peer technology, risk and control groups as well as LOBs

• Drives required risk culture and partnership with peer GIS and technology teams and supported LOBs

Required Skills:

• A working knowledge of control, compliance, and risk frameworks

• Prior experience with laws/rules/regulation and information security policy and controls

• An understanding of the regulatory environment within which the Bank operates is strongly preferred.

• Strong project management, time management, communication and analytics skills.

• Risk management experience with ability to effectively apply risk principles to business situations

• Must display strong subject matter expertise in information security risk management, governance and development of risk appetite

• Executive presentation and communication skills

• Excellent influencing and problem-resolution skills

• Strong technical writing skills

• Must be comfortable in delivering messages across a wide spectrum of individuals having varying degrees of technical understanding

• Must have strong leadership skills and qualities which enable you to work with peers and various levels of management

• Risk management experience with proven ability to effectively apply risk principles to challenging business situations

Desired skills

Bachelor's degree in Information Technology, Information Security, or related field

• Bank or financial institution experience

• Ability to work with Technical and Non-Technical stakeholders

• Audit experience a plus

• Strong analytical skills/problem solving/conceptual thinking

Posting Date : 02/05/2019

Location :

Chicago, IL, 135 S LA SALLE ST (IL4135),

Addison, TX, 16001 N Dallas Pkwy (TX8044),

  • United States

Travel : No

Full / Part-time : Full time

Hours Per Week : 40

Shift : 1st shift

Assistance for Applicants with Disabilities

Bank of America is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please visit the Applicants with Disabilities page at .

Diversity & Inclusion

At Bank of America, our commitment to diversity and inclusion is helping us to create not only a great place to work, but also an environment where our employees, our customers and our communities around the world can reach their goals and connect with each other. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Frequently Asked Questions

Need to know how to apply online, view a list of your submitted job applications or reset your password? Visit our FAQ at section for answers to these questions and more.