Home > Atlanta jobs > Atlanta accounting/financial

Posted: Thursday, January 4, 2018 1:22 AM

Bank of America Merchant Services connects businesses and consumers by doing payments better. In an increasingly complex marketplace, we empower businesses to give consumers the right commerce experience. We consult with businesses to customize solutions that integrate selling channels, open new markets, solve problems using data, stay secure and, ultimately, accomplish more.
Banc of America Merchant Services, LLC is the result of a strategic alliance between Bank of America and First Data Corp. As an industry leader with a powerful commitment to the merchant business, Bank of America Merchant Services delivers a comprehensive suite of innovative payment solutions to merchants of all sizes. We are the number one U.S. payments processor today with over 13.5 billion credit card transactions processed annually, representing approximately 300,000 merchant based relationships. We have industry:leading products, world:class technology solutions, an expansive geographic footprint, and 2,100 full:time associates. We offer outstanding career opportunities and advancement and we promote a healthy work/life balance through special benefits and programs. Bank of America Merchant Services is an Equal Opportunity and Affirmative Action Employer of Females, Minorities, Veterans and Disabled.
The IT Security Assessor : Third Party will execute the BAMS Third Party Risk Assessment Program. Third Party Risk Management, as a function, manages the Third Party standards and the Line of Business compliance to the standards, as well as contractual, legal, regulatory and/or service requirements of Third Parties providing products and/or services to BAMS or BAMS clients. The IT Security Assessor, working with the different BAMS Lines of Business, will drive the scheduling, execution and remediation of Third Party risk pre and post assessments. This program is a primary risk control with which BAMS protects its interests as well as meets regulatory and industry requirements.
Essential Functions
:The Assessor will execute all aspects of the framework attributable to Third Party Information Security and Business Continuity Assessments to ensure corporate compliance with requirements and guidance issued by the Office of the Comptroller of Currency (OCC) and other regulatory bodies.
:Responsible for program execution including the performance of Assessment scoping, evaluation of evidence, analysis, reporting and ongoing remediation. The Third Party Risk Assessment Program includes Third Party Risk Oversight of the following domains:
:Information Security
:Business Continuity
:Physical Security
:Work with internal lines of business (LOBs) to ensure Third Parties are assessed and are compliant with Third Party Risk Management processes and enterprise risk appetite.
:Produce fact based assessment reports to be delivered to BAMS leaders outlining each Third Partys compliance with enterprise Information Security and Business Continuity program standards.
:Influence the LOBs to drive implementation of improvements with Third Party Risk controls where needed.
:Participate in formal Third Party Risk governance routines as needed
:Travel requirements may be as high as 40.
:Strong background in Information security policies/procedure development and implementation.
:Certified Information Systems Security Professional (CISSP)
:3+ years previous Third Party Assessment experience
:Experience in defining and implementing process improvements, including process design and control monitoring
:College degree required.
:Certified Information Security Manager (CISM)
:Certified Business Continuity Auditor (CBCA) or other certifications recognized by the Disaster Recovery Institute
:Background in Information Security Architecture and Design
:Certified Risk Manager (CRM)
:Certified Fraud Examiner (CFE)
:Certified AMS Specialized (CAMS)
:Ability to drive performance through proper incentive/metric design and reportin


• Location: Atlanta

• Post ID: 89128467 atlanta is an interactive computer service that enables access by multiple users and should not be treated as the publisher or speaker of any information provided by another information content provider. © 2018