Business Information Security Job Description

Business information security provides security solutions that align with customers' compliance requirements and industry standards like PCI, HIPAA, ISO 27001, NIST, CSF, ITIL, COBIT, Sarbanes-Oxley and SANS 20.

Business Information Security Duties & Responsibilities

To write an effective business information security job description, begin by listing detailed duties, responsibilities and expectations. We have included business information security job description templates that you can modify and use.

Sample responsibilities for this position include:

Hire staff as needed, following IT hiring processes
Conduct program and project reviews
Business Planning & Analysis Associate will help quickly integrate and develop expertise across our businesses, financial processes and competencies
Great empathy for the needs and challenges of business stakeholders and IT service consumers
Strong communication skills to extract business intent and experience working with highly technical management teams
Ability to build trusting relationships with executive and business stakeholders
Experience as an IT business liaison or equivalent technical background
At least 5 years project/program management experience with larger scale technology initiatives
Enable the protection of our most sensitive data
Analyze and support business with policy adoption

Business Information Security Qualifications

Qualifications for a job description may include education, certification, and experience.

Licensing or Certifications for Business Information Security

List any licenses or certifications required by the position: CISSP, CISM, CISA, OSCP, GIAC, CRISC, GIAL, ISO, ITSM, PMP

Education for Business Information Security

Typically a job would require a certain level of education.

Employers hiring for the business information security job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's or Master's Degree in Computer Science, Information Technology, Business, Information Security, Education, Information Systems, Engineering, Technical, Management, English.

Skills for Business Information Security

Desired skills for business information security include:

ISO
Government and other regulations related to Information Security
Infrastructure and logical security technology with experience working with ITIL
PCI
COBIT
Estimating IT system development and testing
Industry standards
Information Security
Internal controls and internal risk and control frameworks/standards

Desired experience for business information security includes:

Implement Data Leak Prevention controls
Identify cyber threats and risks to data and business processes
Basic understanding of regulatory policies and requirements within the Privacy and Data Domiciles
Exposure to Cyber Threats faced by Financial Institution and their impact to business practices preferred
End User product delivery experience
Technology liaison to business experience

Business Information Security Examples

1

Job Description Example
Our company is growing rapidly and is looking to fill the role of business information security. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for business information security
  • Act as a first point of contact for any business security related issues/queries
  • Working closely with other areas of the firm’s Security Department, Service Line Quality and Risk teams, and the firm’s clients to provide a seamless service to the business
  • Engaging with DBS Cyber Risk and DBS Physical and Personnel security in advising on interpretation of policy, and to review deliverables of ITS and business projects/initiatives to verify that they meet client and contractual expectations
  • Supporting the Confidentiality Integration team on cross border confidentiality and global client issues
  • Working with the DBS Operational Risk team on identifying and managing risk
  • Establish and maintain close working relationships with the business, assigned service lines and industry groups to develop a deep understanding of their needs and strategic direction
  • Advising client engagement teams on appropriate mitigation of risks across all areas of Confidentiality and Security
  • Review of contracts, framework agreements and key client/supplier contracts to advise legal and risk on security, confidentiality and privacy compliance issues or concerns, and liaising with the firm’s Data Protection team to provide input into the reviews where required
  • Management, completion and review of client Security questionnaires and responses
  • Identification of Risk and reporting of management information (MI) on risk status
Qualifications for business information security
  • Working knowledge and understanding of defense, layered network and data security architectures
  • As part of the Security group, plan and drive the implementation of the technology and its capabilities
  • Ability to understand (or learn) the vendor business functions and the IT functions relating to the vendor business functions and services required
  • Own a complete view of the IRM and Cyber Controls as they are and will be deployed across the group
  • Lead the team to ensure CSMART objectives are identified and align to Barclays Performance Development requirements
  • Very strong communication skills - written, verbal and visual
2

Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of business information security. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t meet all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for business information security
  • Facilitating, organising and managing business, client and supplier security audits / assurance
  • Establish processes to periodically assess Confidentiality and Security risks, emerging issues and include lessons identified processes to foster continuous improvement
  • Support the deployment of the firm’s Confidentiality Management tool to client facing teams
  • Support efforts to implement changes throughout the firm, reflecting global confidentiality management practices and ensuring confidentiality risks are appropriately prioritised
  • Vulnerabilities are remediated and any residual risk is managed appropriately
  • Accurately translating business requirements into technical requirements
  • Customer and Colleague feedback
  • Fulfilling personal objectives
  • Provide periodic review of server security and audit event logs to detect any security violation events, and carry out investigations to determine the root cause and impact and to prevent the event in the future
  • Responsible for virus incident response management to control virus outbreaks and the recovery process
Qualifications for business information security
  • Supporting technology related experience such as application development, testing, service management
  • Experienced communications professional preferred
  • Excellent interpersonal skills essential, with the experience and ability to develop, manage and maintain trusted relationships across the firm
  • An understanding of risk management and data security in general
  • Quick to learn self-starter who is confident working under own initiative and within a team
  • Excellent time management skills and the ability to manage competing priorities under pressure
3

Job Description Example
Our innovative and growing company is looking to fill the role of business information security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for business information security
  • Serve as the first point of contact and escalation for all business information security matters
  • Works with information security leadership to develop strategies and plans to enforce corporate information policies and address identified risks
  • Assists in the coordination and completion of information security related documentation
  • Assist with building relationships and engaging frequently with business stakeholders and senior management on current issues and overall status of the information security program
  • Work with the Business to develop processes and procedures to ensure information security policies and standards are integrated in order to facilitate understanding, answer questions and identify potential hindrances or challenges
  • Assist in conducting an information security business inherent risk assessment that focuses on identifying new cyber-related business risks and validating the applicability of previously identified risks
  • Identifies and documents information security strategies, objectives and drivers
  • Analyzes and documents information security processes and metrics, and identifies improvement opportunities
  • Lead the tracking of key Information Security initiatives
  • Create and maintain application test vulnerability and risk assessment database
Qualifications for business information security
  • Confidence to defend processes when challenged, ability to upwardly manage challenging stakeholders and their expectations in a diplomatic way
  • Ability to present security topics to a non-technical audience and present the business value of security
  • Experience of project/programme management and business change management processes
  • Track record of success in problem solving
  • Confidence with technology and a desire to improve existing processes and workflows
  • Strong Microsoft Office skills (PowerPoint, Excel, Word, Visio)
4

Job Description Example
Our growing company is hiring for a business information security role. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for business information security
  • Communicates business knowledge and requirements to the Information Security organization thus ensuring security is aligned with business strategy and need
  • Counsels business units in understanding regulatory information security compliance requirements and helps ensure compliance
  • Investigates security incidents for the business and works with Information Security teams to recommend/implement appropriate corrective actions
  • Analyze impact of new technologies and regulative changes on information security
  • Develop and maintain an IT security application testing strategy, policies and standards, and architecture
  • Do application tests remotely and onsite to help ensure audit, regulatory and policy satisfaction
  • Provide support within the Global IT Security team on all application testing matters
  • Provide endorsement to Manager on security projects and operations personnel
  • End User Security Expert for the North America Finance Systems
  • Support risk assessment initiatives, coordinate interaction between ISG and divisional stakeholders, and develop and maintain related documentation such as requirements, timelines, reporting, management presentations
Qualifications for business information security
  • Formal external project management and security qualification desirable (PRINCE 2, CISSP, CISM, CISA) or willingness to obtain these
  • Excellent interpersonal skills and the ability to develop and maintain trusted relationships across the firm are essential
  • Clear understanding of project management processes, and the ability to manage key deliverables
  • Commitment to teamwork and able to demonstrate strong client relationships
  • Ability to work under own initiative and prioritise requests as they are received
  • Experience of building and managing relationships across a wide stakeholder base
5

Job Description Example
Our company is growing rapidly and is looking to fill the role of business information security. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for business information security
  • Ensure implementation of the information security and risk management framework and monitor adherence in countries
  • Ensure compliance of 3rd party vendors handling Novartis data, with the information security and risk management requirements
  • Analyse impact of new technologies and regulative changes on information security
  • Promote awareness of current policies and standards, revisions and developments
  • Collaborate with the business to determine the appropriate levels of controls to safeguard sensitive data
  • Involved in assessing business decisions to determine any cybersecurity-related risks
  • Assist with meeting regulatory requirements
  • Furthering a proactive ‘identify, escalate and debate’ risk environment
  • Managing risk items and remediation actions, such as self-identified audit issues
  • Support the development of reporting, interacting with the CISO leadership and supporting the organization
Qualifications for business information security
  • Sound written and verbal communication skills (formal training desirable)
  • Track record of success in problem solving and team working
  • An enthusiasm for risk management and a desire for continued learning are essential
  • Good time management skills and the ability to manage priorities under pressure
  • Formal security qualification (CISM, CISMP, CISSP or equivalent) desirable
  • Public Sector experience useful but not essential
