Business Information Security Officer (BISO) (Information System Proj Mgmt 4)

About The Position

Requirements

• 9 years relevant experience with Bachelors in related field; 7 years relevant experience with Masters in related field; 4 years relevant experience with PhD or Juris Doctorate in related field; or High School Diploma or equivalent and 13 years relevant experience.
• One or more Cyber related certifications (CISSP, CISM, CRISC, CISA).
• At least 3 years’ experience working with business leadership and enterprise projects.
• Strong written and verbal communication skills across all levels of the organization with outstanding written and verbal business and cybersecurity communication skills.
• Capable of working with diverse teams and promoting an enterprise-wide positive cybersecurity culture.
• High level of integrity, trustworthiness and confidence, and able to represent the company and cybersecurity leadership with the highest level of professionalism.
• Adept at understanding business focus and processes and ability to inject cybersecurity into the business through teamwork and influence.
• Strong project management, multitasking and organizational skills.
• Ability to work effectively with diverse teams and varying personalities and adapt management style to effectively reach mutually beneficial outcomes.
• Able to attain and preserve credibility with the team through sustained industry knowledge.
• Able to motivate the team to achieve excellence and give credit and recognition where it is due.
• Applicable knowledge of national and global cybersecurity policies, regulations and cybersecurity frameworks.
• Demonstrated understanding and comprehension of a wide range of cybersecurity solutions.
• Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well.
• Highly organized and efficient self-starter requiring minimal supervision.
• Possesses general business administration competencies.
• Excellence in communicating privacy, business risk and remediation requirements from assessments.
• Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.

Nice To Haves

• PMP a plus.
• At least 10+ years’ cybersecurity experience (or information technology coupled with cybersecurity), with at least 5+ years in an operationally focused cybersecurity practitioner role.
• 14+ years of cybersecurity and/or information technology experience.
• 5+ years of related cybersecurity systems administration (preferable).
• 3+ years of cybersecurity or information technology project management.

Responsibilities

• Serve as a trusted advisor to the division CIO and business unit leadership.
• Act as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle.
• Act as a trusted point of contact across business units.
• Work closely with cybersecurity leadership and division CIO to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure.
• Be actively informed and engaged in cybersecurity projects across the business.
• Provide disaster recovery and business continuity planning advice when working with the division CIO for business and cybersecurity resiliency.
• Enforce the strong security culture set forth by the division CIO, ensuring uniformity across cybersecurity leadership, business units and employees.
• Foster strong relationships with internal business units and excel in cybersecurity communication.
• Advise business units on enterprise-wide people, process and technology cybersecurity recommendations.
• Maintain up-to-date knowledge related to cybersecurity threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
• Ensure business projects are focused on cybersecurity from the beginning.
• Identify and document threats and vulnerabilities that may impact the business and address them regularly with business units.
• In conjunction with cybersecurity, the division CIO, and business leaders, define key performance indicators (KPIs) and metrics aligning with business initiatives and deliver them to non-technical teams in terms that are accessible and comprehensible.
• Provide motivation to business units to adopt cybersecurity controls.
• Remove complexity and obstacles that hinder efficient cybersecurity controls enterprise wide.
• Build relationships with division business units and CIO office to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications.
• Stay abreast of new laws, regulations and standards, and assess their impact to the business.
• Verify cybersecurity content training initiatives and internal/external communication are conducted regularly.
• Openly support the CISO and division CIO, management team and executive leadership, even during tumultuous times.
• Perform other duties as assigned.

Benefits

• Best-in-class medical, dental and vision plan choices.
• Wellness resources.
• Employee assistance programs.
• Savings Plan Options (401(k)).
• Financial planning tools.
• Life insurance.
• Employee discounts.
• Paid holidays and paid time off.
• Tuition reimbursement.
• Early childhood and post-secondary education scholarships.