Business Information Security Officer

About The Position

Requirements

• Hands-on experience supporting client-facing security leaders or programs, ideally in financial services or consulting; comfortable working under guidance and delivering reliably.
• Solid understanding of information risk management and security control adoption across cloud and on-prem environments; pragmatic approach to mitigation.
• Strong coordination and execution skills—able to manage trackers, evidence collections, deadlines, and cross-functional workstreams with attention to detail.
• Clear communicator who can synthesize complex topics into concise summaries and prepare high-quality materials for leadership and client discussions.
• Proficiency with collaboration and productivity tools (e.g., M365), and familiarity with common security tooling and workflows.
• Typically, 6-10 years of experience in information security or related technology experience required.
• Bachelor's degree in Information Security, Computer Science, or a related field
• Strong analytical and problem-solving skills, with the ability to assess complex security challenges
• Excellent communication and collaboration capabilities to work effectively with various teams
• Proficiency in security tools and technologies, demonstrating expertise in the Information Security domain

Nice To Haves

• relevant security certifications (e.g., CISSP, CISM, CISA)
• Advanced certifications such as CISSP or CISM are preferred

Responsibilities

• Support the client facing BISO in serving a high-profile client on security commitments, including conducting reviews, preparing materials and tracking actions.
• Coordinate across Cybersecurity, business, and technology teams to align control adoption and remediation for the associated client platform in our operating model.
• Maintain clear, executive-ready reporting on control posture, open issues, and remediation progress; draft briefings and talking points for client interactions led by the Senior BISO.
• Execute security evaluations and due-diligence responses by gathering evidence, validating inputs with subject matter experts, and ensuring consistency and completeness.
• Monitor for emerging risks and operational gaps; escalate appropriately, document findings, and drive closure through agreed mitigation plans.
• Streamline workflows, templates, and trackers to improve transparency, reduce cycle time, and sustain a risk-aware culture across internal and third-party partners.
• Contribute to continuous improvement by updating playbooks, implementing automation and standardizing artifacts that support repeatable outcomes.
• Develop and implement comprehensive information security strategies by applying advanced knowledge of security protocols and risk management.
• Conduct regular security assessments and audits by utilizing industry-standard practices to identify vulnerabilities and recommend improvements.
• Collaborate with cross-functional teams to integrate security measures into business processes, ensuring seamless protection of digital assets.
• Monitor emerging security threats and trends, providing expert insights to proactively address potential risks.
• Lead incident response efforts by coordinating with relevant stakeholders to ensure timely resolution and mitigation of security breaches.
• Educate and train employees on security best practices, fostering a culture of security awareness across the organization.