Business Information Security Officer (BISO), Senior

About The Position

Requirements

• Deep expertise in cybersecurity risk management and business risk translation
• Strong executive presence and communication skills, with the ability to clearly articulate concepts to senior leaders
• Demonstrated ability to build trusted relationships and influence without authority
• Proven success operating in complex, cross-functional environments
• Strong understanding of enterprise security domains, including: Identity and Access Management, Cloud Security, Data Protection and Security Architecture, Vulnerability and Configuration Management
• Ability to operate effectively in ambiguous environments

Nice To Haves

• 10+ years of experience in: Cybersecurity, information security, or technology risk
• Financial services or regulated industry environments
• Prior experience working directly with: Executive leadership, Enterprise transformation or large-scale initiatives
• Experience building or scaling BISO or embedded risk functions.

Responsibilities

• Lead identification, articulation, and management of material cybersecurity risks across assigned business domains
• Translate technical risks into clear business impact, trends, and decision options (mitigate / accept / transfer / avoid)
• Maintain an executive-ready view of top risks and risk posture aligned to business priorities
• Serve as a trusted advisor to VP, SVP, and executive stakeholders
• Lead risk discussions in business and executive forums with clear, concise narratives
• Influence business strategy, investment decisions, and technology direction through risk-informed insights
• Demonstrate strong executive presence, including the ability to constructively challenge decisions when risk is not adequately addressed
• Build and sustain high-trust relationships across business, technology, and security teams
• Align stakeholders with competing priorities to ensure timely and effective risk management outcomes
• Partner with: Business leaders and product owners, Domain Risk Leads (DRLs), Security Architecture, IAM, and Vulnerability teams, IT delivery and operations
• Engage in planning and design phases of major initiatives to influence outcomes before decisions are locked
• Guide teams toward secure-by-design solutions using standard patterns and architectures
• Reduce late-stage surprises and rework by proactively identifying risks early
• Ensure business leaders explicitly own cybersecurity risk, with documented decisions and accountability
• Facilitate clear alignment between: Business objectives, Risk exposure, Remediation priorities
• Drive timely and well-informed risk treatment decisions

Benefits

• A work environment built on teamwork, flexibility, and respect
• Professional growth and development programs to help advance your career
• Tuition reimbursement
• Team Member Vehicle Purchase Discount
• Toyota Team Member Lease Vehicle Program (if applicable)
• Comprehensive health care and wellness plans for your entire family
• Toyota 401(k) Savings Plan featuring a company match, as well as an annual retirement contribution from Toyota regardless of whether you contribute
• Paid holidays and paid time off
• Referral services related to prenatal services, adoption, childcare, schools and more
• Relocation assistance (if applicable)