Business Information Security Officers (BISOs) serve in a client-centric role supporting Foundever and exist to promote client satisfaction as part of the Global Security organization under the Business Information Security Office (BISO). Working with global enterprise clients, BISOs collaborate with the IT solutions team, business development and deal desk to ensure comprehensive security design in a pre‑sales environment. The BISO is a critical resource to the legal team, serving as the security subject matter expert on contractual language. The BISO partners with Security Engineering, Security Operations, Security Governance, Security Assurance, and Project Management Office (including Enterprise Change Management (ECM)) to oversee security matters during client implementations and changes. The BISO serves as an internal resource to the Operations team to support client security audits, client change requests, and other security-related topics pertaining to Foundever’s clients. The BISO leads or collaborates directly with Physical Security teams within the region, ensuring client contractual obligations are met, regulatory requirements are addressed, and the security of our associates and clients is ensured. The regional role will oversee the security of sensitive information and projects, client or corporate related, and will advise on the security of the company’s infrastructure to meet client requirements.
This individual will need to be located and authorized to work within the EMEA region.
Job Responsibilities
* Respond to Requests for Proposals and contractual negotiations for security language, collaborating with Legal, Sales, Technology and IT Solutions on the design and language of these documents
* Provide the technical security response for internal and client audits
* Partner with fraud team to investigate incidents of fraud and respond to EthicsPoint incidents, communicating with the client on resolution of incidents
* Work with operations team to ensure physical security controls are in place and Site Security Questionnaires are completed
* Monitor and close CAPA items related to audit findings and SSQs
* Participate in Enterprise Change Management Reviews for client requested changes, ensuring security risks introduced to the environment from requested changes are minimized or reduced
* Present effectively and professionally in front of clients on a regular basis and negotiate with client’s security and risk organizations to achieve mutually agreeable security controls to protect both Foundever and the client’s data and systems
* Communicate effectively to provide internal and client-facing articles with regard to best practices or new frontiers in security
* Expert knowledge and experience in Information Security best practices (technical knowledge and demonstrated technical expertise)
* Ability to receive complex business and technical requirements, from multiple stakeholders, rapidly determine the appropriate security solution and guide the team to achieve the desired results
* Experience in large global environments spanning multiple time-zones
* Common Security Frameworks (ISO 27000 series, SSAE18, NIST SP 800 series, etc.)
* Payment Card Industry (PCI)
* Other industry and country security requirements as required to support clients in the region supported
* Ability to appropriately handle critical information and sensitive information
* Effectively use Microsoft Office products in communication delivery
* Effective organization and communications skills and proven ability to translate security and risk to all levels of the business
* Ability to effectively plan, delegate and/or supervise the work of other team members
* Ability to lead, motivate, develop and train other team members
* Must demonstrate a keen understanding of security as a business enabler, presenting ideas, expectations and information in a concise, constructive, and well‑organized manner
* Strong analytical abilities, interpersonal skills, and the maturity & motivation to work effectively across international and culturally diverse project teams
* Effective project management skills, including the ability to plan, organize, prioritize, & balance multiple tasks and/or projects independently to ensure target dates & goals are achieved with minimal oversight
Skills and Qualifications
At least 5 years in technology, cybersecurity or risk governance roles interfacing with global clients on complex technology solutions or security consulting - this could be in technical account management, sales engineering or IT project management
Four‑year degree or equivalent combination of education and experience
Provide support to the VP, Business Information Security to ensure security support to clients and Foundever locations from setup to closure including the support of business development activities where security discussions are requested or required, client security risk assessments, client contract security language reviews, client project implementation security due diligence, client security audit activities including presenting evidence and follow‑up audit risk mitigation discussions
Work with global business support functions or departments to facilitate completion of RFP security questionnaires and review contract security language
Serve as a project implementation team member to conduct security due diligence and closure on client project implementation teams and participate in the Enterprise Change Management process to review and approve client-impacting and organizational changes
Advise and/or assist in conducting IT security risk assessments, reviews, investigations and risk management services throughout the company; provide security risk evaluation, audits, mitigation and solutions to projects and initiatives
Develop and implement strategies to balance security recommendation with business needs
Guide and consult on security-related questions from solutions providers, developers, engineers, and leadership team
Provide guidance and consultation on corporate security initiatives
Define security strategies, policies and procedures as required and directed
Oversee and monitor vendor and third‑party security reports/lists
Ensure coordination with IT to ensure assets are adequately secured to clients’ requirements
Provide oversight and management of Managers and Analysts assigned to the Regional Business Information Security Office
Engage and influence Foundever counterparts to improve processes for capabilities‑based planning, resource allocation, and other strategic management processes used by Foundever leaders to make investment decisions
Work closely with global divisions to provide insight into current security issues, and take responsibility for moderately complex research and trending to assist with analysis and ensure overall global security performance
Ensure BISO support is offered to clients and Foundever locations from a security standpoint, from setup to closure
Other security‑related support functions as needed or assigned to the BISO Team by the VP Business Information Security or the Chief Security Officer
CISSP and/or CISM and/or CISA preferred, other industry standard security certification (GIAC, Security+)