Act as the primary security partner for assigned business units, building trusted senior stakeholder relationships.
Embed security early into business initiatives, product development, and technology delivery.
Sponsor and support enterprise and business‑aligned security initiatives end‑to‑end.
Provide expert security guidance across concurrent IT, engineering, and business projects.
Oversee security assessments including vulnerability management, penetration testing, and third‑party risk.
Translate security findings into prioritized, actionable remediation plans with clear ownership.
Provide security input into solution architecture and major technology decisions.
Serve as the security point of contact for customer‑facing inquiries, audits, and due‑diligence.
Identify, document, and govern cyber risks, supporting risk acceptance and escalation processes.
Develop and report meaningful security metrics to inform leadership decisions and continuous improvement.

Several years’ experience in a BISO or senior security leadership / advisory role
Strong cloud and application security experience (AWS, Azure, GCP; secure SDLC)
Hands‑on knowledge of security tooling (SIEM, SOAR, EDR/XDR, CSPM, SAST/DAST)
Experience embedding security into CI/CD pipelines and DevSecOps practices
Proven capability in risk assessments, threat modeling, and control gap analysis
Experience collaborating with SOC and Incident Response teams during security events
Working knowledge of security frameworks and regulations (NIST, ISO 27001, CIS, GDPR, etc.)
Ability to translate technical risk into clear, business‑relevant language
Strong stakeholder management skills with the ability to influence without authority
Bachelor’s degree in Engineering, Computer Science, or equivalent experience, plus relevant certifications (CISSP, CISM, GIAC, or similar)

Cyber Security Business Information Security Officer – BISO

Key skills