Transformational Lead u2013 Data Loss Prevention & ...

Transformational Lead u2013 Data Loss Prevention & Identity Defense Chicago, Illinois;Washington, District of Columbia; Denver, Colorado To proceed with your application, you must be at least 18 years of age. Acknowledge ( Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position. Acknowledge ( Refer a friend To proceed with your application, you must be at least 18 years of age. Acknowledge ( Bank of America employees are required to meet all posting eligibility requirements prior to applying for any new position. Acknowledge ( Job Description: At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day. Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammatesu2019 physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve. Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations. At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us Job Description: The Transformational Lead u2013 Data Loss Prevention (DLP) & Identity Defense is a senior individual contributor responsible for driving innovation, modernization, and operational maturity across the organizationu2019s data protection and identityu2011centric threat defense capabilities. Sitting within Cyber Security Operations (CSO), this role will focus on leading emerging technology initiatives that expand and enhance existing security platforms while exploring and evaluating new tools, vendors, and techniques. The ideal candidate is a strategic self-starter who can work independently, partner effectively with technology and business stakeholders, and lead complex, cross-functional programs from inception through execution. A strong emphasis will be placed on improving efficiency through automation, leveraging AI-enabled capabilities, and proactively addressing emerging threats through forward-looking risk mitigation strategies. Key Responsibilities: Technology Transformation & Innovation + Drive modernization of DLP and Identity Defense capabilities, identifying opportunities to enhance, expand, or rationalize existing platforms. + Lead exploration and evaluation of emerging technologies, tools, and techniques to address evolving data loss and identityu2011based threats. + Assess and recommend new vendors and products, developing clear problem statements, options analysis, and business cases. + Shape futureu2011state architectures for identityu2011centric threat defense and data protection, including ITDRu2011aligned capabilities. Automation, AI & Operational Efficiency + Lead initiatives to increase automation, reduce manual effort, and improve detection signal quality across DLP and identity workflows. + Leverage AI, machine learning, behavioral analytics, and advanced data analysis to enhance prevention, detection, and decisionu2011making. + Partner with engineering, SOAR, and platform teams to embed automation and orchestration into endu2011tou2011end security workflows. + Focus on capacity creation by reducing noise, streamlining response paths, and improving analyst effectiveness. Identityu2011Centric & Datau2011Focused Threat Defense + Perform advanced analysis and investigation of identityu2011based attacks and data misuse scenarios, including account takeover, privilege escalation, insider risk, and anomalous behavior. + Apply deep understanding of attacker TTPs, identity abuse patterns, and data exfiltration techniques to evolve detections and mitigations. + Help govern and optimize security technologies such as DLP platforms, MFA, identity verification, IGA, behavioral analytics, and ITDRu2011adjacent controls. + Collaborate with detection engineering to continuously refine use cases, logic, and coverage. Threat Awareness, Risk Strategy & Governance + Stay current on emerging threats, attacker techniques, and industry trends related to identity compromise and data protection. + Translate threat intelligence and risk insights into actionable controls, roadmap enhancements, and mitigation strategies. + Support alignment of DLP and identity controls to enterprise policy and external standards (NIST, ISO, MITRE, GDPR). + Inspect and challenge existing controls to strengthen risk posture and operational discipline. Program & Initiative Leadership (ICu2011Led) + Drive complex, multiu2011phase initiatives from concept through execution, including planning, delivery, risk management, and stakeholder communication. + Establish clear success metrics, milestones, and outcomes for transformation efforts. + Influence across organizational boundaries to align priorities, sequencing, and executionu2014without formal authority. Metrics, Reporting & Executive Insight + Contribute to the definition and maintenance of KRIs and operational metrics for DLP and identity defense effectiveness. + Deliver concise, executiveu2011ready insights that clearly articulate risk posture, tradeu2011offs, and impact. Required Qualifications & Skills: + 8+ years of experience in cybersecurity, with strong depth in Data Loss Prevention, Identity Security, or adjacent protection domains. + Proven experience driving largeu2011scale or transformational security initiatives from ideation to execution as an individual contributor. + Strong understanding of modern DLP and identity defense architectures, including cloud, endpoint, email, collaboration, and SaaS environments. + Handsu2011on experience investigating identityu2011centric attacks and data misuse scenarios, with a solid grasp of attacker TTPs. + Demonstrated ability to improve operational efficiency through automation, orchestration, and workflow optimization. + Experience evaluating and integrating new security technologies and vendors into complex enterprise environments. + Ability to operate independently, manage ambiguity, and drive outcomes without a peopleu2011manager remit. + Excellent communication skills, with the ability to translate complex technical topics into clear, actionable guidance. Desired Qualifications: + Experience with AI/MLu2011powered security tools, such as user behavior analytics, intelligent data classification, or adaptive controls. + Background in IAM, privileged access management, fraud, insider risk, or ITDR. + Familiarity with SOAR platforms, policy orchestration, or low/nou2011code automation tools. + Experience operating in large, matrixed enterprises with hybrid and cloudu2011first architectures. + Strong strategic thinking with the ability to translate vision into practical, phased roadmaps. + Prior exposure to regulatory, risk, or compliance considerations related to data protection and identity security. + Advanced degree in Information Security, Computer Science, Engineering, or equivalent experience. Skills: + Cyber Security + Data Privacy and Protection + Problem Solving + Process Management + Threat Analysis + Access and Identity Management + Business Acumen + Interpret Relevant Laws, Rules, and Regulations + Risk Analytics + Stakeholder Management + Data Governance + Data and Trend Analysis + Incident Management + Information Systems Management + Technology System Assessment This job will be open and accepting applications for a minimum of seven days from the date it was posted. Shift: 1st shift (United States of America) Hours Per Week: 40 Bank of America and its affiliates consider for employment and hire qualified candidates without regard to race, religious creed, religion, color, sex, sexual orientation, genetic information, gender, gender identity, gender expression, age, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law, and as such affirms in policy and practice to support and promote the concept of equal employment opportunity, in accordance with all applicable federal, state, provincial and municipal laws. The company also prohibits discrimination on other bases such as medical condition, marital status or any other factor that is irrelevant to the performance of our teammates. View your

Created: 2026-05-02