Bank of America

Job Description:

At Bank of America, we are guided by a common purpose to help make financial lives better through the power of every connection. We do this by driving Responsible Growth and delivering for our clients, teammates, communities and shareholders every day.

Being a Great Place to Work is core to how we drive Responsible Growth. This includes our commitment to being an inclusive workplace, attracting and developing exceptional talent, supporting our teammates’ physical, emotional, and financial wellness, recognizing and rewarding performance, and how we make an impact in the communities we serve.

Bank of America is committed to an in-office culture with specific requirements for office-based attendance and which allows for an appropriate level of flexibility for our teammates and businesses based on role-specific considerations.

At Bank of America, you can build a successful career with opportunities to learn, grow, and make an impact. Join us!

This job is responsible for leading and executing on internal control discipline and operational excellence within a Line of Business (LOB) or Enterprise Control Function (ECF). Key responsibilities include executing LOB or ECF processes and tools to drive adherence to enterprise-wide standards. Job expectations include supporting the implementation of quality assurance and quality control processes within the LOB or ECF through ongoing monitoring and testing of controls, identifying issues and control improvements for remediation, and building out actions plans and milestones.

The GT Model Governance Portfolio Manager plays a critical leadership role in strengthening the governance, oversight, and risk management of AI models, traditional models, and critical-use spreadsheets across Global Technology – Global Information Security (GT‑GIS), while also supporting broader CIO divisions. This role is responsible for ensuring end‑to‑end compliance with Enterprise AI, Model Risk Management (MRM), and Critical Use Spreadsheet Policies, including documentation, inventory management, health monitoring, reporting, and quarterly attestations. The Portfolio Manager drives the model risk strategy for Global Technology by enabling strong governance practices, proactive risk identification, and continuous improvement. As a trusted partner across technology, risk, and business stakeholders, this individual champions the responsible, compliant, and effective use of models to mitigate cyber risk and support the bank’s Defense in Depth strategy. The role blends strategic thinking with hands‑on execution and offers the opportunity to influence enterprise‑wide risk outcomes in a fast‑evolving technology and threat landscape.

Responsibilities:

• Leads the assessment of the design and effectiveness of the risk and control environment to support Client Operational Services and ensure adherence to enterprise-wide standards

• Performs monitoring and testing of controls, identifying issues and control improvements for remediation

• Leads the implementation of optimized controls and enhanced Quality Assurance (QA) practices to support business continuity efforts

• Manages the performance and productivity of team members that conduct quality inspection reviews

• Ensures timely execution of QA activities including control execution, case management, and results reporting

• Manages and reviews all operations front line unit responses for regulatory exams, internal audits, and other monitoring and inspection reviews

• Ensures accuracy of data and that relevant information is captured for inspection metrics to support governance for dashboard reporting

• Lead and execute model governance strategy for Global Technology, ensuring alignment with Enterprise Model Risk Management and Artificial Intelligence policies, standards, and regulatory expectations

• Oversee the AI, model, and critical-use spreadsheet portfolio, including model identification, health assessments, inventory management, and quarterly attestations

• Drive risk mitigation strategies to proactively address model risk issues, control gaps, and emerging risks across technology and information security domains

• Review, maintain, and enhance model documentation, tracking, reporting, and ongoing compliance processes

• Translate enterprise MRM requirements into Global Technology–specific procedures, controls, and governance frameworks

• Partner closely with technology leaders, GIS teams, and lines of business to coordinate deliverables, priorities, and governance routines

• Prepare and quality‑review executive‑level materials, metrics, and reporting for senior management and governance forums

• Coordinate cross‑divisional timelines and deliverables, ensuring commitments are met accurately and on schedule

• Define, monitor, and manage Model Risk Key Risk Indicators (KRIs) to support risk transparency and informed decision‑making

• Participate in governance forums to assess model inventory health, developer activity, and adherence to policy expectations

• Support audits, regulatory exams, issues management, and remediation efforts related to model risk and governance

• Identify and implement opportunities to streamline and enhance model risk management processes, partnering across teams to drive execution

• Manage cross‑functional governance programs and projects, balancing strategic objectives with operational excellence

Required Qualifications:

• 3+ years of recent experience in a Risk & Control, Governance, Compliance, or related environment

• Strong ability to communicate complex technical and risk concepts in clear, concise language tailored to diverse audiences

• Demonstrated accountability, ownership, and execution excellence in delivering results

• Proven experience acting as a change agent, driving adoption and alignment across diverse stakeholder groups

• Excellent collaboration and influencing skills, with the ability to motivate teams without direct authority

• Comfort operating in ambiguous and evolving environments, with strong analytical and problem‑solving capabilities

• Strategic, self‑directed, organized, and capable of operating with minimal supervision

• Ability to prioritize, coordinate, and execute against deadlines while adhering to enterprise policies and standards

• Strong critical‑thinking skills, including the ability to “connect the dots” and perform thematic risk analysis

• Proficiency in Microsoft Office (Outlook, Word, PowerPoint, Excel)

Desired Qualifications:

• Familiarity with the Global Technology organization and enterprise technology operating models

• Strong understanding of Information Security principles, technologies, attack vectors, and associated risks

• Prior experience in Cybersecurity Operations, including exposure to incident response, privacy, or threat management disciplines

• Infrastructure domain experience within Risk, CTO, and/or Global Information Security organizations

• Strong working knowledge of the NIST Cybersecurity Framework

• Advanced understanding of security threats, vulnerabilities, exploits, malware, and digital forensics to support informed risk decisions

• Proven experience implementing Compliance and Operational Risk Program requirements, including risk assessments, control design, and issues management

Skills:

• Controls Management

• Oral Communications

• Risk Management

• Stakeholder Management

• Strategy Planning and Development

• Continuous Improvement

• Drives Engagement

• Influence

• Strategic Thinking

• Talent Development

• Data and Trend Analysis

• Decision Making

• Monitoring, Surveillance, and Testing

• Problem Solving

• Quality Assurance

Shift:

1st shift (United States of America)

Hours Per Week: 

40