North America Regional & Business Security Officer
This is a hybrid role with the flexibility to work both virtually and from any of our US Aon offices.
Aon is in the business of better decisions
At Aon, we shape decisions for the better to protect and enrich the lives of people around the world. As an organization, we are united through trust as one inclusive team and we are passionate about helping our colleagues and clients succeed.
What the day will look like
Reporting directly to the Chief Information Security Officer (CISO), this hybrid role combines the responsibilities of the North America Regional Security Officer (RSO) and the Business Information Security Officer (BISO). The RSO portion of the role is focused specifically on managing operational security risks, governance, and oversight of global security controls within the region. In addition, the BISO responsibilities extend to representing the security needs of designated business units that operate across multiple regions globally.
Serve as the primary liaison between the centralized Global Cybersecurity Services (GCS) organization, the North America Chief Operating Officer, and designated business leaders whose operations span multiple regions.
Report directly to the Global Chief Information Security Officer, with dotted-line reporting to both the North America Chief Operating Officer (for the RSO portion) and relevant Business Unit leadership (for the BISO portion).
Lead all aspects of and govern the implementation of security controls and services (e.g., Control Attestation, Service Delivery) for the region as well as assigned cross-regional business units.
Risk Management: Identify, assess, and mitigate security risks within North America and assigned business units, employing audit and self-identified findings, metrics, and other service outputs.
Incident Response: Lead the response to cybersecurity incidents affecting North America and assigned business units, including detection, containment, eradication, and recovery, in coordination with the global Aon Cybersecurity Command Center.
Compliance and Governance: Ensure compliance with relevant laws, regulations, and industry standards for North America and assigned business units. Maintain documentation to prepare for audits and assessments.
Stakeholder Collaboration: Work closely with North America regional leaders, business unit leaders, IT teams, and other partners to integrate security practices into business processes and IT operations. Provide reporting to leadership committees and Boards, as relevant.
Service Delivery Management: Lead GCS service delivery issues and support GCS project implementations for North America and assigned business units. Contribute to the 'voice of the Business' in the development of GCS service improvement
How this opportunity is different
This highly visible role is responsible for embedding effective security controls at scale within North America, and for ensuring business units with multi-regional operations are adequately represented and supported in their security posture. As the trusted security lead, the RSO/BISO will present to North America regional leaders, business unit executives, regulators, and clients as needed, representing both regional and business perspectives.
Job Type
Full-time
Career Level
Mid Level
Industry
Professional, Scientific, and Technical Services
Number of Employees
5,001-10,000 employees