We are hiring for Business Information Security Officer who will be responsible for driving information security efforts within the business unit or functional area.
Mandatory Skill Set:
- Serve as a point of contact for BISOs. providing guidance and support to various BUs;
- Ability to prioritize and provide necessary support on the security tasks for designated BUs;
- Offer regular updates or flag outstanding important issues to relevant stakeholders;
- Standardize information security process across BUS/countries. driving the adoption of best practices;
- Bridge gap between local technology or business team with GIS. able to articulate security risks to local teams and contribute back any feedback to GIS;
- Drive the learning culture within the information security team to accelerate skills and knowledge of the information security community.
Desired Skill Set:
- Possess at least one of the following certification CISSP. CCSP. CRISC. or CISM;
- Understand Cloud Infrastructure.
Responsibilities:
- Facilitate the investigation and management of security incidents for designated BUs and communicate to relevant stakeholders;
- Ensure clear documentation of the business justifications, risks, the existing mitigation controls (if any) and relevant approvals are in place;
- Support security assessment for technology solutions for designated BUs;
- Offer expertise to BUs with the help of Group Information Security (GIS) Subject Matter Expert (SME);
- Collaborate with enterprise risk management to conduct risk assessments and support the development of risk treatment plans for the BUs;
- Facilitate the local implementation of group information security initiative for the designated BUs;
- Assist with the security awareness programs for designated BUs to enforce security culture and understand the information security solutions in BUs;
- Help to develop the Business Information Security Officer (BISO) framework / handbook outlining BISOs roles and responsibilities. This standardizes practice across the organization;
- Establish and maintain BISO community to share insights or discussion of findings from audits, incidents, or latest security trend with each BUs to facilitate cross-learning and capture lessons teamed;
- Gather input or recommendations with regards to Group Information Security (GIS) functions and programs from BISOs across various countries/markets. Compile the feedback and contribute to GIS for continuous improvement of the Security Operation Model;
- Collaborate with security teams to develop and implement tailored security awareness programs for business units and devise a structured professional development pathway for BISOs.
Should you be interested in this career opportunity, please send in your updated resume to [email protected] at the earliest.
When you apply, you voluntarily consent to the disclosure, collection and use of your personal data for employment/recruitment and related purposes in accordance with the SCIENTE Group Privacy Policy, a copy of which is published at SCIENTE's website (https://www.sciente.com/privacy-policy).
Confidentiality is assured, and only shortlisted candidates will be notified for interviews.
