Business Information Security Officer (BISO)
Salary £140,000 - £175,000 per annum
Location London
Job type Full-time
Consultant Darius Goodarzi
JobRef 50823503/001
Date posted 01 August 2022
Recruiter Robert Walters (https://www.robertwalters.co.uk)
My client, a global HealthTech organisation, is looking for a Business Information Security Officer to join their growing team, based in London.
About the Business Information Security Officer (BISO) role:
The BISO role presents a dynamic opportunity to drive implementation of my client's global information security strategy across their business units.
This role plays a large part in their global Information Security team and will provide an excellent opportunity to liaise with key external and internal stakeholders.
You will work closely with both the CISO and their Chief Information Officer (CIO) and their direct reports within the organisation. You will be part of a global CIO organization structure partnering with the Business Units (BUs) community and their related teams.
You will also find yourself working together with other Information Security managers and staff, and liaising regularly with senior management including Business Units leadership teams.
Principal responsibilities will include:
• Propagate global information security policies and standards through to specific procedures and practices within the BUs, as well as facilitate the adoption and use of the enterprise security capabilities across the BUs.
• Drive implementation of the corporate information security strategy by providing the bridge from the enterprise Information Security function to the BUs and their respective business information security program plans.
• Identify and prioritize necessary mitigation for security risks across the BUs, and represent the CISO organization in business security matters.
• Gather and provide business context back to the CISO’s organization to help shape future direction of the enterprise information security strategy, program and budget.
• Ensure that corporate security objectives are treated as business requirements by the BU teams and the corresponding control owners.
• Ensure that applicable BU processes and procedures are tailored to best fit the implementation of the required information security requirements.
• Work closely with the BU system and application owners and development leads to ensure implementation of necessary distributed information security controls owned and executed by the BUs, with a particular focus on Application, SaaS and PaaS security.
• Drive the success of the BU system and application owners in applying my client's global information security requirements and implementing information security controls into the acquired organization through the course of M&A integration activities.
• Assist the BU teams in meeting the necessary compliance, audit, and regulatory requirements through effective adoption of enterprise centralized security controls as well as execution of BU-level distributed security controls as applicable.
• Establish and maintain two-way communications on security matters between BU management, CIO Business Partners (BRM), and the corporate Information Security teams as well as other corporate functions as necessary.
• Establish processes and procedures for measuring the status and improvement of the BUs' security posture and ensuring appropriate goals are defined, set and tracked.
• Provide regular reports to CISO and the relevant executive forums of the state and efficacy of applicable security controls across the BUs.
• Engage with and direct activities of third-party specialist service providers and vendors where necessary to support the BUs' information security objectives.
Required Experience and Qualifications
• Minimum of 10 years of professional experience in IT Service Management, IT Program Management, Information Security or other related areas, including minimum of 5 years in Information Security management roles
• Bachelor's degree in Business Administration, Computer Sciences or related areas is mandatory
• An information security professional certificate such as HCISPP, CISSP, CISM or equivalent is mandatory
• ITIL, project management, IT architecture or other related certificates are preferred
• Professional experience and knowledge of the Pharmaceuticals, Healthcare, Life Sciences, and/or Information Technology industry sectors are preferred
• Working knowledge of IT governance frameworks and standards such as COBIT, ITIL, ISO 27001 and the NIST Cybersecurity Framework