OneMain Financial Jobs

Home View All Jobs (2,103,765)

Job Information

Bank of America Identity and Access Management (IAM) Authentication Security Analyst in Boston, Massachusetts

Identity and Access Management (IAM) Authentication Security Analyst

Chicago, Illinois;Washington, District of Columbia; Boston, Massachusetts

To proceed with your application, you must be at least 18 years of age.

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Identity-and-Access-Management--IAM--Authentication-Security-Analyst_26009719-1)

Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Identity-and-Access-Management--IAM--Authentication-Security-Analyst_26009719-1)

Refer a friend

To proceed with your application, you must be at least 18 years of age.

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Identity-and-Access-Management--IAM--Authentication-Security-Analyst_26009719-1)

Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.

Acknowledge (https://ghr.wd1.myworkdayjobs.com/Lateral-US/job/Chicago/Identity-and-Access-Management--IAM--Authentication-Security-Analyst_26009719-1)

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

Position Summary:

Global Information Security (GIS) is responsible for protecting the bank’s information systems, confidential and proprietary data, and customer information. GIS develops and executes the bank’s information security strategy, manages the enterprise security program, identifies and remediates vulnerabilities, and operates a global security operations center that monitors, detects, and responds to cybersecurity incidents.

Within GIS, Identity & Access Management (IAM) ensures the right individuals have the right access to the right resources at the right time—across increasingly heterogeneous environments and within rigorous compliance standards.

What You Can Expect in Identity & Access Management Intoday’s connected ecosystem, safeguarding user identity is critical to the safety and success of our global workforce. The IAM team partners closely within Global Information Security, all Lines of Business, and second- and third-line functions. This highly visible role involves frequent engagement with senior leaders and key stakeholders.If you excel in dynamic, fast-paced, global environments and are passionate about modern security technologies, this is the place for you. You will collaborate with subject-matter experts, drive meaningful risk reduction, support operational excellence, and help strengthen the bank’s overall identity security posture.

Responsibilities:

  • This role reports directly to the Technology Executive for Authentication, Privilege Access Management Service and Cloud IAM. This role is a backup to the existing Authentication lead in AMRS. Primarily responsible includes assisting Authentication lead and partners with other technology SMEs to ensure that strategic and effectively authentication solutions are adopted across BAC and sure compliance with IAM Standard.

  • Partner with IAM Governance leads to ensure that all authentication related IAM requirements are appropriately measured, reported and governed.

  • Appropriately assess identity and authentication related risks when business and technology decisions are made, demonstrating risk management mindset and practices to safeguard BAC’s reputation, its clients, and assets by driving compliance with applicable laws, rules, and regulations, adhering to BAC Policy and Standards.

  • Monitors industry information security and Identify and Authentication trends and engages peer organizations to refine and enhance BAC’s strategy.

  • Apply industry Identity and Authentication best practices, templates, and documentation while also proposing improvements based on practical knowledge.

  • Establish and maintain strong partnership with other Global Information Security (GIS) functions, Core Technology Infrastructure (CTI), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal audit, and regulatory agencies.

  • Influence relevant tools owners to build/implement enhanced Identity and Authentication solutions that are efficient, effective, and modern and able to deliver material risk reduction in sustainable manner.

  • Collaborate with stakeholders to develop Identity and Authentication requirements that iteratively support long term modernization and transformation (covers Process, Data and Technology aspects).

  • Engage with Product Managers and Senior Architects to comprehend the strategic Identity and Authentication technology roadmap, which dictates the need for modernized security principles.

  • Consult with the business to identify gaps and governance issues, leveraging own domain expertise to find effective solutions.

  • Clearly articulate reasons and methods behind proposed changes through informative materials for educating others.

  • Provide education to team members and technology partners regarding the proposed changes.

  • Partners with the policy governance team for socialization and publication of proposed changes to the relevant Standards

  • Takes accountability for addressing identity and authentication risks. Proactively identify risk and ways to continuously enhance and improve BAC’s controls. Implement and take decisive actions in finding solutions. Drives towards intended outcomes.

  • Engage senior management to provide factual, transparent, and timely reporting on existing and emerging identity and authentication risks.

  • Active participation in GIS IAM forums including but not limited to Monthly IAM Stakeholder Forum and Control Owner Forum for standard and Single Process Inventory (SPI) enhancements.

  • Supports audit issues for closure and sustainability.

Required Qualifications:

  • Extensive knowledge and understanding of identity and authentication specific laws, rules, and regulations within the financial services sector.

  • Understanding and interpreting BAC’s established information security Policy, Standards, Procedure and Guides, and applying this knowledge to related identity and authentication decisions and response. Serve as the Subject Matter Experts in advising BAC business and technology counterparts on effective ways to achieve or exceed compliance with applicable Policy, Standards, Procedures and Guides.

  • Familiarity with security standards such as NIST, ISO/EC, FFIEC.

  • Possession of CISSP certification would be an advantage.

  • Expert level knowledge of identity and authentication methodologies, techniques and technologies.

  • Expert knowledge of PAM related tools which support, MFA, vaulting, integration with service management tool would be an advantage.

  • Bachelor’s Degree or equivalent work experience

  • 7 years relevant hands-on experience in identify and authentication fields in a large and complex organization.

  • Deep security knowledge which covers core technology infrastructure (network, storage, servers, databases, etc.) identity management and application security practice.

  • Deep experience with Linux, Windows, Cloud scale Identity, Access Management (Single Sign-On, Multi Factor Authentication), Authorization services or design and architecture of authentication services or Identity Store.

  • Expert level knowledge of authentication platforms such as Active Directory, LDAP, Kerberos, LDAP, Radius.

Desired Qualifications:

  • Deep knowledge on Federation platforms or protocols such as Oauth, OpenID, SAML, WS-Fed, etc.

  • Expert level experience with IAM platforms such as Ping Identity, Active Directory OpenLDAP, OpenDJ

  • Experience in consumption of Web Service APIs such as JSON / XML

  • Proficient in articulating facts and data-driven plans and to partner with stakeholders to implement intended solutions to drive risk reductions and adherence to relevant Identity and Authentication requirement within IAM standards.

  • Strong attention to detail and advanced analytical skills.

  • Excellent communication and presentation skills.

  • Excellent organizational skills and be able to effectively prioritize multiple tasks

  • Hands on experience and involvement in large and complex projects

  • Proficient in data management which includes strong data analytical capability with advanced understanding of the collection and management of metadata

  • Efficient in motivating, engaging, and leveraging other teams and business partners to efficiently deliver business solutions. Proven track record of influencing and relationship management skills.

  • Proficient in Microsoft Office suite of products with ability to quickly analyze and synthesize large volumes of data

  • Pro-active and able to drive direction of work that needs to be completed, ability to work independently on initiatives with little oversight. Motivated and willing to learn.

  • Confident and effective in delivering messages across a wide spectrum of individuals with varying degrees of technical and business understanding

  • Deep knowledge of bank financial practices and policies and ability to adapt to fast changing environment

  • Knowledge of Compliance Certifications such as SOX, SOC, SOC2.

Shift:

1st shift (United States of America)

Hours Per Week:

40

Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.

View your "Know your Rights (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12.pdf) " poster.

View the LA County Fair Chance Ordinance (https://dcba.lacounty.gov/wp-content/uploads/2024/08/FCOE-Official-Notice-Eng-Final-8.30.2024.pdf) .

Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work.

This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

DirectEmployers