Identity and Access Management (IAM) Authentication ...

Identity and Access Management (IAM) Authentication Security AnalystChicago, Illinois;Washington, District of Columbia; Boston, MassachusettsTo proceed with your application, you must be at least 18 years of age.Acknowledge (Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.Acknowledge (Refer a friendTo proceed with your application, you must be at least 18 years of age.Acknowledge (Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position.Acknowledge (Job Description:At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!Position Summary:Global Information Security (GIS) is responsible for protecting the bank’s information systems, confidential and proprietary data, and customer information. GIS develops and executes the bank’s information security strategy, manages the enterprise security program, identifies and remediates vulnerabilities, and operates a global security operations center that monitors, detects, and responds to cybersecurity incidents.Within GIS, Identity & Access Management (IAM) ensures the right individuals have the right access to the right resources at the right time—across increasingly heterogeneous environments and within rigorous compliance standards.What You Can Expect in Identity & Access Management:In today’s connected ecosystem, safeguarding user identity is critical to the safety and success of our global workforce. The IAM team partners closely within Global Information Security, all Lines of Business, and second- and third-line functions. This highly visible role involves frequent engagement with senior leaders and key stakeholders. If you excel in dynamic, fast-paced, global environments and are passionate about modern security technologies, this is the place for you. You will collaborate with subject-matter experts, drive meaningful risk reduction, support operational excellence, and help strengthen the bank’s overall identity security posture.Key Responsibilities Partner with the Authentication team leader and technology SMEs to drive adoption of compliant, enterprise‑wide authentication solutions aligned to IAM standards. Monitor industry identity and authentication trends and engage peers to inform and evolve BAC’s security strategy. Apply industry best practices, standards, and documentation, recommending improvements based on practical experience. Build and maintain strong partnerships across Global Information Security (GIS) functions, Core Technology Infrastructure (CTI), Cyber Security Technology (CST), Third Party management, Global Compliance and Operations Risk (CGOR), internal audit, and regulatory agencies. Engage Product Managers and Senior Architects to align with the strategic identity and authentication technology roadmap. Collaborate with stakeholders to define identity and authentication requirements supporting long-term modernization across process, data, and technology. Influence tool owners to design and implement modern, efficient identity and authentication solutions that deliver sustainable risk reduction. Assess identity and authentication risks in business and technology decisions, ensuring compliance with internal policies and external regulatory requirements Take ownership of identity and authentication risk management by proactively identifying issues, strengthening controls, and driving outcomes. Partner with IAM Governance leads to ensure that all authentication related IAM requirements are appropriately measured, reported, and governed. Actively participate in GIS IAM forums to support standards, controls, and Single Process Inventory (SPI) enhancements. Consult with business partners to identify gaps and governance issues and develop effective remediation strategies. Provide senior management with timely, transparent reporting on existing and emerging identity and authentication risks. Clearly communicate proposed changes through written materials and education sessions for team members and technology partners. Partner with policy governance teams to socialize and publish updates to identity and authentication standards. Support audit issue remediation, closure, and sustainability. Required Qualifications: 3–5 years of hands‑on experience in identity and authentication within a large, complex organization. Strong working knowledge of identity and authentication methodologies, technologies, and platforms. Experience with authentication platforms and protocols including Active Directory, LDAP, Kerberos, RADIUS, OAuth, OpenID, SAML, and WS‑Fed. Experience with IAM platforms such as Ping Identity, Active Directory, OpenLDAP, and OpenDJ. Working knowledge of Privileged Access Management (PAM) tools, including MFA, vaulting, and service management integrations. Robust security knowledge across core technology infrastructure (networks, servers, databases, storage), identity management, and application security. Hands‑on experience with Linux, Windows, and cloud‑scale IAM solutions (SSO, MFA, authorization services, identity stores). Experience consuming web service APIs (JSON, XML). Proficiency in data management and analytics, including metadata collection and management. Working knowledge of financial services laws, regulations, and industry standards related to identity and authentication. Familiarity with security and regulatory frameworks such as NIST, ISO/IEC, FFIEC, SOX, SOC, and SOC 2. Ability to interpret and apply BAC information security policies, standards, and procedures to ensure compliance. Experience contributing to large, complex initiatives with multiple stakeholders. Strong analytical skills with attention to detail and the ability to synthesize large volumes of data. Excellent organizational skills with the ability to prioritize competing demands. Self‑directed, proactive, and comfortable working independently in a fast‑paced, evolving environment. Proficiency in Microsoft Office tools for analysis, reporting, and communication. Understanding of bank financial practices and the ability to adapt to change. Strong ability to articulate facts, risks, and data‑driven recommendations to technical and non‑technical audiences. Proven experience influencing stakeholders and partnering across business and technology teams to drive risk reduction and solution adoption. Excellent written, verbal, presentation, and relationship‑management skills. Shift:1st shift (United States of America)Hours Per Week:40Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates.View your "Know your Rights (" poster.View the LA County Fair Chance Ordinance (.Bank of America aims to create a workplace free from the dangers and resulting consequences of illegal and illicit drug use and alcohol abuse. Our Drug-Free Workplace and Alcohol Policy (“Policy”) establishes requirements to prevent the presence or use of illegal or illicit drugs or unauthorized alcohol on Bank of America premises and to provide a safe work environment.Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. Should you be offered a role with Bank of America, your hiring manager will provide you with information on the in-office expectations associated with your role. These expectations are subject to change at any time and at the sole discretion of the Company. To the extent you have a disability or sincerely held religious belief for which you believe you need a reasonable accommodation from this requirement, you must seek an accommodation through the Bank’s required accommodation request process before your first day of work.This communication provides information about certain Bank of America benefits. Receipt of this document does not automatically entitle you to benefits offered by Bank of America. Every effort has been made to ensure the accuracy of this communication. However, if there are discrepancies between this communication and the official plan documents, the plan documents will always govern. Bank of America retains the discretion to interpret the terms or language used in any of its communications according to the provisions contained in the plan documents. Bank of America also reserves the right to amend or terminate any benefit plan in its sole discretion at any time for any reason.

Created: 2026-04-08