We are hiring for a Business Information Security Officer who will be responsible for driving information security efforts within the business unit or functional area.
Mandatory Skill(s)
- Serve as a point of contact for BISOs, providing guidance and support to various BUs;
- Ability to prioritize and provide necessary support on the security tasks for designated BUs;
- Offer regular updates or flag outstanding important issues to relevant stakeholders;
- Standardize information security processes across BUs/countries, driving the adoption of best practices;
- Bridge the gap between local technology or business teams and GIS, able to articulate security risks to local teams and contribute back any feedback to GIS;
- Drive the learning culture within the information security team to accelerate skills and knowledge of the information security community.
Desirable Skill(s)
- Possess at least one of the following certifications: CISSP, CCSP, CRISC, or CISM;
- Understand Cloud Infrastructure.
Responsibilities
- Support the overall governance of the security Key Risk Indicators (KRIs) for the designated BUs and manage the risks to ensure alignment with the BUs' risk tolerance levels;
- Facilitate the investigation and management of security incidents for designated BUs and communicate to relevant stakeholders;
- Ensure clear documentation of the business justifications, risks, the existing mitigation controls (if any) and relevant approvals are in place;
- Support security assessment for technology solutions for designated BUs;
- Offer expertise to BUs with the help of Group Information Security (GIS) Subject Matter Expert (SME);
- Collaborate with enterprise risk management to conduct risk assessments and support the development of risk treatment plans for the BUs;
- Facilitate the local implementation of group information security initiatives for the designated BUs;
- Assist with the security awareness programs for designated BUs to enforce security culture and understand the information security solutions in BUs;
- Help to develop the Business Information Security Officer (BISO) framework / handbook outlining BISOs' roles and responsibilities. This standardizes practice across the organization;
- Establish and maintain a BISO community to share insights or discuss findings from audits, incidents, or the latest security trends with each BU to facilitate cross-learning and capture lessons learned;
- Gather input or recommendations with regards to Group Information Security (GIS) functions and programs from BISOs across various countries/markets. Compile the feedback and contribute to GIS for continuous improvement of the Security Operation Model;
- Collaborate with security teams to develop and implement tailored security awareness programs for business units and devise a structured professional development pathway for BISOs.
If you are interested in this role, click on the “Apply to this job” button below, or write in with your CV to Binod Chetri at binod.c@sciente.com, quoting the job title.