Application Security Product Manager
Apply NowCompany: Bank of America Corporation
Location: Washington, DC 20011
Description:
Job Description:
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Position Summary:
Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation, architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.
We are seeking a highly skilled and experienced Application Security Product Manager to join our team. In this role, you will be responsible for integrating security controls as code within our software development life cycle. You will work closely with cross-functional teams, including DevOps, software engineering, and IT operations, to design, implement, and maintain robust security solutions that enable developers to secure application code against emerging threats.
Key Responsibilities:
Qualifications:
Desired:
Skills:
Job Description:
Responsible for maximizing the value for one or more products, at the program level in a scaled Agile model. Defines the vision and roadmap for the program, defining and prioritizing the features/epics in the program backlog, and articulating this to both stakeholders and development teams. Works closely with stakeholders to understand their needs, and with Products Owners to ensure they are aligned on priorities. They support and collaborate with the Product Portfolio Executive on financials throughout delivery. Is an expert of the products, business or technology domain, and the industry in which the product competes. This role can be part of the business/LOB (recommended) or in technology. As an expert, creates the vision and roadmap for the program based on customer requirements, industry trends, regulations, and the strategic direction for the business or technology domain. Communicates the program vision and roadmap to stakeholders, Product Owners and the teams. Oversees the budget(s) for one or more products. Provides input into defining business capabilities and aligning them to products or creating new products to support them. Articulates the business value to Product Owners so they understand product and strategy; Ensures alignment across product roadmap to achieve portfolio objectives. Creates and prioritizes features/epics in the program backlog; empowered to make decisions about trade-offs with emerging work versus planned work. Refines features/epics with the Product Owners to ensure there is enough ready work for the upcoming 1-2 quarters. Reviews and accepts features/epics and is empowered to make on-the-spot decisions on scope and requirements. Works in partnership with the Product Owners and the teams to ensure that optimum value is obtained through technology and through an advanced understanding of the business and industry trends. Participates and attends relevant industry events to bring points of view and trends to the Bank. May lead a Community of Practice and participate in the Center of Excellence. May manage a team.
Shift:
1st shift (United States of America)
Hours Per Week:
40
Pay Transparency details
US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540)
Pay and benefits information
Pay range
$115,800.00 - $215,000.00 annualized salary, offers to be determined based on experience, education and skill set.
Discretionary incentive eligible
This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.
Benefits
This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.
At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.
Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates' physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.
Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.
At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!
Position Summary:
Come join an exciting team within Global Information Security (GIS). Cyber Security Technology (CST) is a globally distributed team responsible for cyber security innovation, architecture, engineering, solutions and capabilities development, cyber resiliency, access management engineering, data strategy, deployment maintenance, technical project management and information technology security control support.
We are seeking a highly skilled and experienced Application Security Product Manager to join our team. In this role, you will be responsible for integrating security controls as code within our software development life cycle. You will work closely with cross-functional teams, including DevOps, software engineering, and IT operations, to design, implement, and maintain robust security solutions that enable developers to secure application code against emerging threats.
Key Responsibilities:
- Product Vision and Strategy: Define and communicate a clear product vision that aligns with our Cybersecurity, Line of Business and Customer Goals considering market trends and feedback.
- Prioritization & Backlog Refinement: Capture demand, prioritize mitigation of key risks and maintain a backlog to ensure the development team is working on the right things in the right order.
- Compliance & Governance: Demonstrate that our application development pipelines enable compliance with internal control requirements and regulatory obligations, with robust reporting and dashboards.
- Advocacy: Communicate the efficiencies of building code with security in mind for a Cybersecurity vision and roadmap to stakeholders, and the team, to drive user adoption.
- Collaboration: Work closely with DevOps, engineering, and IT teams to integrate security best practices into CI/CD pipelines, ensuring secure and efficient deployment processes.
- Documentation: Maintain comprehensive documentation of security controls, policies, and procedures for cloud environments.
Qualifications:
- Experience: Significant experience (5+ years) in Product Management in cybersecurity across multiple domains, with a strong focus on application security testing and integrating controls as code.
- Technical Expertise: Deep knowledge of application security testing, threat modeling, and modern application design patterns including Cloud-native and containers, and experience building and operating security tools and services.
- Security Frameworks: Familiarity with security frameworks and standards (e.g., NIST, CIS, ISO) and their application in cloud environments.
- Agile Delivery: Experience working in modern development teams, leveraging agile concepts and frameworks used for planning, refinement, prioritization.
- DevSecOps: Strong understanding of DevSecOps principles and experience integrating security into CI/CD pipelines and operational processes.
- Problem-Solving: Excellent problem-solving skills, with the ability to think critically and adapt to new challenges and communicate insights in simple terms.
- Communication: Strong written and verbal communication skills, with the ability influence at all levels by explain complex security concepts to non-technical stakeholders.
- Experience working in a highly regulated industry
Desired:
- Certifications: Relevant certifications such as CISSP, CCSP, GSEC, GWEB, CEH, AWS Certified Security, Azure Developer Associate & Azure Security Engineer Associate
- 10+ years experience in Product Management/Program Management roles
Skills:
- Planful: Thoughtfully setting, proactively managing, and predictably achieving commitments through strategy, process, communication, and delivery.
- Ownership: Acceptance of full responsibility for delivery outcome - "buck stops here" mentality. And collaboratively addressing problems as they arise.
- Connected: Clear orientation and understanding of where you, your team, your work/priorities join with others in a common goal.
- Consistency: Drive toward and adoption of logical, efficient, and sustainable processes and tools to achieve predictable results.
- Accuracy: Achieving business value (as agreed with key stakeholders and control partners) within defined tolerance across measurable parameters (scope, schedule, cost).
Job Description:
Responsible for maximizing the value for one or more products, at the program level in a scaled Agile model. Defines the vision and roadmap for the program, defining and prioritizing the features/epics in the program backlog, and articulating this to both stakeholders and development teams. Works closely with stakeholders to understand their needs, and with Products Owners to ensure they are aligned on priorities. They support and collaborate with the Product Portfolio Executive on financials throughout delivery. Is an expert of the products, business or technology domain, and the industry in which the product competes. This role can be part of the business/LOB (recommended) or in technology. As an expert, creates the vision and roadmap for the program based on customer requirements, industry trends, regulations, and the strategic direction for the business or technology domain. Communicates the program vision and roadmap to stakeholders, Product Owners and the teams. Oversees the budget(s) for one or more products. Provides input into defining business capabilities and aligning them to products or creating new products to support them. Articulates the business value to Product Owners so they understand product and strategy; Ensures alignment across product roadmap to achieve portfolio objectives. Creates and prioritizes features/epics in the program backlog; empowered to make decisions about trade-offs with emerging work versus planned work. Refines features/epics with the Product Owners to ensure there is enough ready work for the upcoming 1-2 quarters. Reviews and accepts features/epics and is empowered to make on-the-spot decisions on scope and requirements. Works in partnership with the Product Owners and the teams to ensure that optimum value is obtained through technology and through an advanced understanding of the business and industry trends. Participates and attends relevant industry events to bring points of view and trends to the Bank. May lead a Community of Practice and participate in the Center of Excellence. May manage a team.
Shift:
1st shift (United States of America)
Hours Per Week:
40
Pay Transparency details
US - CO - Denver - 1144 15th St - Denver Gis (CO9926), US - DC - Washington - 1800 K St NW - 1800 K Street NW (DC1842), US - IL - Chicago - 540 W Madison St - Bank Of America Plaza (IL4540)
Pay and benefits information
Pay range
$115,800.00 - $215,000.00 annualized salary, offers to be determined based on experience, education and skill set.
Discretionary incentive eligible
This role is eligible to participate in the annual discretionary plan. Employees are eligible for an annual discretionary award based on their overall individual performance results and behaviors, the performance and contributions of their line of business and/or group; and the overall success of the Company.
Benefits
This role is currently benefits eligible. We provide industry-leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.