Business Information Security Officer

About The Position

Requirements

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field.
• 7 years of experience in cybersecurity, IT risk management or related fields.
• 5 years of leadership experience within a business-focused security role.
• Proven track record of aligning security strategies with business objectives.
• Strong understanding of cybersecurity frameworks, technologies, and best practices.
• Excellent verbal and written communication skills, with the ability to translate technical concepts into business language.
• Proven ability to lead cross-functional teams and influence without direct authority.
• Strong analytical and problem-solving skills, with a proactive approach to identifying and mitigating risks.
• Ability to build strong relationships with business leaders and stakeholders, fostering trust and collaboration.

Nice To Haves

• Experience in the education industry is highly desirable.
• Cloud and data quality experience.
• Knowledge of regulatory requirements relevant to the industry, such as GDPR, HIPAA, PCI-DSS, etc.
• Familiar with various NIST frameworks including NIST, NIST 800-30 and NIST RMF.
• Experience working in a matrixed organization with multiple lines of business.

Responsibilities

• Act as the primary point of contact between the business unit(s) and the cybersecurity organization, ensuring alignment of security initiatives with business goals.
• Identify, assess, and communicate cybersecurity risks to business leaders, providing strategic advice on mitigating risks and ensuring compliance with cybersecurity policies and standards.
• Provide expert guidance on cybersecurity and compliance matters to business leaders and teams, including advising on security controls, regulatory compliance, and incident response.
• Work closely with business leaders to integrate cybersecurity into business processes, technology roadmaps, and projects from inception to completion.
• Support the organization's incident response efforts by coordinating with business units to ensure timely and effective response to security incidents.
• Promote and enhance a strong security culture within the business unit(s) by leading security awareness programs and training initiatives.
• Collaborate with procurement and vendor management teams to assess and manage cybersecurity risks associated with third-party vendors.
• Develop and present cybersecurity metrics and reports to business leaders, ensuring they have the necessary information to make informed decisions.
• Stay abreast of the latest cybersecurity trends, threats, and technologies, and continuously seek opportunities to enhance the organization's security posture.

Benefits

• Competitive salary and benefits package.
• Opportunities for professional development and growth.
• A collaborative, inclusive work environment where your ideas and contributions are valued.
• Relocation package is available.