Business Information Security Officer (BISO)
Posted on Feb 6, 2020 by Request Technology - Robyn Honquest
Looking for a Business Information Security Officer (BISO) who functions as the security leader. This role will have dual reporting structure, one reporting to the AoR (Area of Responsibility) and one into the Information Security Program Office and is responsible for establishing and driving a business specific Information Security program aligned with the business area risks and the Company. The BISO serves as the trusted advisor, both to the business and to the CISO.
- Establish a documented Information Security Program and supporting strategy
- Ensure program is aligned with the Company Policies and Standards
- Ensure inclusion of all applicable regulatory, legal and contractual obligations
- Leverage the Enterprise and specific Information Security Risk Assessments to establish and monitor the program
- Support the Business Unit and CISO in seeking cost optimizing and driving reduction in operations costs of managing the security controls.
- Increased levels of security across designated Business Unit.
- Improved compliance with security standards and policies across Business Unit teams.
- Greater awareness of information security and data privacy requirements (globally)
- Drive adoption of global security program standards throughout the product and core business platform teams.
Area of Responsibilities:
- Information Security Risk Management
- Policy Compliance
- Access Management
- Data Protection
- Education and Awareness
- Bachelor's Degree or equivalent experience
- 8+ years or more year of experience in audit or information security related role.
- Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
- Project management experience highly desired
- Ability to manage multiple complex priorities and competing agendas without express authority over delivery teams
- Ability to interpret and apply policies and regulations across a large, complex business
- Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
- High level of interpersonal skills to interact with leaders at multiple levels and facilitate team interactions
- Advanced skills with MS-Windows and other related PC applications