Information Security Transformation Lead - Data Leakage Prevention

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

The Information Security Transformation Lead will drive the design, integration, and execution of enterprise-wide transformation initiatives to strengthen data protection and data security capabilities within the Data Loss Prevention (DLP) organization. The role spans all DLP channels — endpoint, network, cloud, email, internet, and data at rest — ensuring the program evolves to meet advanced threats, regulatory requirements, and strategic business needs.

This highly technical position demands deep expertise in information security architecture, engineering, and threat detection with a proven track record in implementing modern, scalable, and secure data protection capabilities. The Transformation Lead serves as the strategic and technical lead for DLP transformation, ensuring the DLP organization delivers best-in-class data protection capabilities across all channels.

Key Responsibilities

• Own the DLP transformation roadmap for data protection and data security across all channels, aligning with enterprise information security architecture and DLP strategy.
• Conduct deep technical assessments of DLP and adjacent security capabilities, identifying architecture, tooling, and process gaps.
• Partner with control owners to develop functional and non-functional requirements for new capabilities, ensuring alignment to threat models and compliance requirements.
• Architect and guide the delivery of integrated data protection solutions, incorporating DLP tooling, encryption, cloud-native controls, and internet security capabilities.
• Develop and maintain threat models for data exfiltration and insider threat scenarios, mapping to frameworks such as MITRE ATT&CK.
• Oversee technical design for secure internet traffic inspection, advanced policy enforcement, and automation for faster detection and response.
• Ensure all transformation efforts meet regulatory, audit, and security policy standards (e.g., NIST 800-53, FFIEC, GDPR, CCPA).
• Act as a trusted advisor to GIS, CTO, and enterprise stakeholders on advanced data protection strategies and engineering practices.
• Provide clear executive-level reporting on transformation progress, security posture improvements, and program maturity.

Required Qualifications

• Minimum of 7 years of information security expertise in architecture, engineering, and operations, with focus areas in:
  • DLP across endpoint, network, email, cloud, and data at rest
  • Internet protocols, proxy and gateway security, firewall policy design
  • Cloud security architectures and SaaS data protection
  • Encryption, key management, and secure data handling
• Proven experience integrating data protection solutions with SIEM, SOAR, CASB, EDR/XDR, IAM, and secure web gateways.
• Strong capability in threat modeling and translating results into security architecture changes.
• Understanding of regulatory and industry standards for high-risk data in financial services and other regulated environments.
• Ability to lead technical design reviews and challenge architectural decisions to ensure security-by-design.
• Exceptional relationship management and influence skills across complex, global organizations.

Desired Qualifications

• Security certifications such as CISSP, CCSP, CISM, or GIAC.
• Automation and scripting skills (Python, PowerShell, etc.).
• Experience in AI-assisted anomaly detection for data security.
• Background in financial services or similarly regulated industries.

Skills:

• Cyber Security
• Data Privacy and Protection
• Problem Solving
• Process Management
• Threat Analysis
• Access and Identity Management
• Business Acumen
• Interpret Relevant Laws, Rules, and Regulations
• Risk Analytics
• Stakeholder Management
• Data Governance
• Data and Trend Analysis
• Incident Management
• Information Systems Management
• Technology System Assessment

Shift:

1st shift (United States of America)

Hours Per Week:

40