We are hiring a Business Information Security Officer who will be responsible for driving information security efforts within the business unit or functional area.
Mandatory Skill(s)
- 3+ years of experience in information security, risk management, or IT governance;
- Experience working in business operations and IT security;
- Experience managing and leading cross-functional teams;
- Familiarity with cybersecurity frameworks like NIST, ISO 27001, COBIT, or GDPR;
- Proven experience in incident response, risk assessment, and vulnerability management.
Desirable Skill(s)
- Possess at least one of the following certifications: CISSP, CCSP, CRISC, or CISM;
- Understand Cloud Infrastructure.
Responsibilities
- Support the overall governance of the security Key Risk Indicators (KRIs) for the designated BUs and manage the risks to ensure alignment with the BUs' risk tolerance levels;
- Facilitate the investigation and management of security incidents for designated BUs and communicate to relevant stakeholders;
- Ensure clear documentation of the business justifications, risks, the existing mitigation controls (if any) and relevant approvals are in place;
- Support security assessment for technology solutions for designated BUs;
- Offer expertise to BUs with the help of Group Information Security (GIS) Subject Matter Expert (SME);
- Collaborate with enterprise risk management to conduct risk assessments and support the development of risk treatment plans for the BUs;
- Facilitate the local implementation of group information security initiatives for the designated BUs;
- Assist with the security awareness programs for designated BUs to enforce security culture and understand the information security solutions in BUs;
- Help to develop the Business Information Security Officer (BISO) framework / handbook outlining BISOs' roles and responsibilities. This standardizes practice across the organization;
- Establish and maintain a BISO community to share insights or discuss findings from audits, incidents, or the latest security trends with each BU to facilitate cross-learning and capture lessons learned;
- Gather input or recommendations with regard to Group Information Security (GIS) functions and programs from BISOs across various countries/markets. Compile the feedback and contribute to GIS for continuous improvement of the Security Operation Model;
- Collaborate with security teams to develop and implement tailored security awareness programs for business units and devise a structured professional development pathway for BISOs.
If you are interested in this role, click on the “Apply to this job” button below or you could also write in with your CV to Binod Chetri at binod.c@sciente.com quoting the job title.
