Enterprise Business Information Security Officer

About The Position

Requirements

• Expert in U.S. and international security and privacy regulations such as CMMC, DFARS, HIPAA, CCPA, GDPR, EAR, etc.)
• Expert in security industry standards (SIS) and able to apply SIS to unique business and information technology situations. (i.e. ISO-27001, NIST, ITIL Security Management, PCI-DSS, NIS2, TISAX)
• Expert knowledge of customer security requirements and company’s obligation for protecting customer information assets in company’s care.
• Able to create and implement methodologies to support BISO security consulting and advisory services.
• Able to build positive relationships and rapport with customers and Jabil teams (i.e. Business stakeholders, IT Develop and manage oversight of IT Expansions and Divestitures Security Teams, IT Managers/Directors, IT Network Team, Legal Team, etc)
• Bachelor's Degree.
• 5+ years of Information security practice

Nice To Haves

• Experience implementing or managing ISO 21434 certification and/or UN R155/156 compliance.
• Prefer a degree in a technical field such as Information Security, Management Information Systems, Computer Science, or Engineering.
• Security Certification: CISM, CISSP, CISA.
• 3 plus years successful work experience as a BISO
• Experience in the Automotive and/or Healthcare cybersecurity space

Responsibilities

• Engages assigned business as the central point of contact for information security and advocates security control needs of assigned business while also advocating for the company’s security initiatives and controls deployment.
• Stays knowledgeable about the company’s technical controls and advocates for the technical security control needed by assigned business and applies knowledge of company’s technical control capabilities.
• Promotes corporate security awareness activities and implements security awareness concepts locally for assigned business and customizes communications to be suitable for local language and culture.
• Promotes and evangelizes the company’s IT Security Policies and Standards.
• Advises stakeholders on security deviation control alternatives, such as compensating controls, and supports stakeholders through the policy deviation process.
• Provides security consulting and advice for Mergers & Acquisitions by performing on-site or remote security risk assessments and writing report of findings and recommendations in terms suitable for the business to make informed data and computer security risk decisions.
• Presents monthly security status report for assigned business to stakeholders such as the CISO, CIO(s), CTOs, and IT Managers.
• Presents executive-level communications regarding the state of security for assigned business.
• Provides security consulting and advice for customer audits, regulatory audit, technical vulnerability assessments (TVAs) and other security-related audits.
• Reviews and analyzes security components of audit plans and applies knowledge and expertise of IT Security policies and locally deployed security processes and procedures to ensure a successful audit outcome.
• Provides leadership for remediation activities and assembles necessary resources to ensure successful remediation results.
• Advises stakeholders on incident investigations and champions stakeholders through the security incident process.

Benefits

• Jabil combines global reach with local expertise to deliver both scalable and customized solutions.
• Our commitment extends beyond business success as we strive to build sustainable processes that minimize environmental impact and foster vibrant and diverse communities around the globe.