Your browser does not support javascript! Please enable it, otherwise web will not work for you.

Information Security Controls Specialist

Home > Retail Banking

Information Security Controls Specialist in Singapore

  • Bank of America
  • Full time
  • Email

The Global Information Security (GIS) Governance Risk & Controls team in Asia Pacific oversees management of cybersecurity risk in the region. This includes holistic alignment of data security, technology, and innovation policies, controls, and processes to laws, rules, and regulations and driving risk-informed decision-making. The team is also responsible for representing the bank’s cybersecurity interests with local and regional industry partners and reducing overall exposure to cybercrime.

Position Description

Background: As a specialist in the GIS APAC GRC team, the Regulatory Assurance Analyst will be responsible for championing regulatory assurance program including definition and roll out of program related to information security. This will be achieved through rigorous analysis of regulatory requirements and a structured approach to compliance reviews. The Regulatory Assurance Analyst will drive proactive self-assessment of regulatory compliance in APAC. This will involve assessing regional laws, rules, regulations and industry standards impacting information security and ensuring the Bank’s compliance to these. Other key responsibilities include reviewing and remediating issues related to information security policy, standards, baselines, and exceptions that impact regulatory compliance. The role will ensure that policy, control, exception, and regulatory governance processes and relevant supporting evidence are ready for audit and regulatory inspection.

Key Responsibilities

  • Develop and deliver the GIS Regulatory Assurance capability and program for the Bank
  • Refine and manage the program for sustainability.
  • Senior stakeholder engagements to roll out and address program requirements
  • Coordinate with global/regional SMEs to deliver cyber assurance program
  • Support cybersecurity LRR and policy/regulatory programs in the region
  • Drive awareness on regulatory thematic areas based on analysis of regulatory requirements and drivers
  • Support regulatory engagements and/or roll out of exam management initiatives


Key Requirements

  • Experience working with regulators, risk forums or equivalent organizations with good understanding of policies and regulatory requirements
  • Broad understanding of cybersecurity and data principles and management techniques
  • A self-starter, team player with a strong people-influencing skillset
  • Intellectual curiosity and a desire to learn new skills
  • Knowledge of APAC laws, rules, and regulations impacting information security
  • Excellent command of the English Language
  • The ability to communicate and understand how to translate technical gaps into business risk
  • BA/BS in Information Technology, Information Security, Computer Science, Cyber Security or related field, Advanced Degree desired.  Depending on work experience, experience may be considered in lieu of Degree
  • 6-9 years of cyber security/risk/regulatory experience
  • Certification desired but not required:  CISSP, CRISC, CISM

Location: Singapore

Bank of America

Bank of America is one of the world's largest financial institutions, serving individual consumers, small- and middle-market businesses and large corporations with a full range of banking, investing, asset management and other financial and risk management products and services. BoA operates in 3...