Business Information Security Officer

In addition to the responsibilities listed below, this position will serve as an IT risk portfolio advisor for a large or complex technology portfolio by ensuring an ongoing awareness of the potential risks, providing guidance related to the assignment and understanding of risk factors related to the use of technology in a given IT functional area or line of business, and driving the management of technology risk in this area. This position will also collaborate with key stakeholders to obtain consensus on roadmaps to jointly mitigate security risks; determine the frequency and depth of assessment processes for assigned technology portfolio(s); establish, enforce, and manage future assessment criteria based on information risk, business criticality and compliance requirements; and facilitate ongoing security assessment activities to validate the control environment.

• Drives the execution of multiple work streams by identifying customer and operational needs; developing and updating new procedures and policies; gaining cross-functional support for objectives and priorities; translating business strategy into actionable business requirements; obtaining and distributing resources; setting standards and measuring progress; removing obstacles that impact performance; guiding performance and developing contingency plans accordingly; solving highly complex issues; and influencing the completion of project tasks by others.


• Practices self-leadership and promotes learning in others by soliciting and acting on performance feedback; building collaborative, cross-functional relationships; communicating information and providing advice to drive projects forward; adapting to competing demands and new responsibilities; providing feedback to others, including upward feedback to leadership; influencing, mentoring, and coaching team members; fostering open dialogue amongst team members; evaluating and responding to the strengths and weaknesses of self and unit members; and adapting to and learning from change, difficulties, and feedback.


• Leads a team of IT consultants in the development of requirements, for process or system solutions which may span multiple business domains by leveraging partnerships with stakeholders and appropriate IT teams (for example, Solutions Delivery, Infrastructure, Enterprise Architecture).


• Leverages multiple business requirements gathering methodologies to identify business, functional, and non-functional requirements (for example, SMART) across the enterprise.


• Leads and oversees the development and documentation of comprehensive business cases to assess the costs, benefits, ROI, and Total Cost of Ownership (TCO) of highly unique or complex solution proposals.


• Leads the evolution of applications, systems, and/or processes to a desired future state by translating how current processes impact business operations across the enterprise.


• Leads teams of IT Consultants in the mapping of current state against future state processes.


• Defines the impact of requirements on upstream and downstream solution components.


• Provides insight and influence to executive management and business leaders on how to integrate requirements with current systems and business processes across the enterprise.


• Reviews, evaluates, and prioritizes value gaps and opportunities for process enhancements or efficiencies.


• Leads solution design by translating requirements into workable business solutions and leading in design sessions with IT teams.


• Recommends and advocates for additional data and/or services needed to address key business issues related to process or solutions design.


• Leads the evaluation of third-party vendors as directed.


• Drives continuous process improvement by leading the development, implementation, and maintenance of standardized tools, templates, and processes across the enterprise.


• Recommends and advocates for regional and national process improvements which align with sustainable best practices, and the strategic and tactical goals of the business.