Job Description
What success looks like in this role:
Responsible for the development, adoption, compliance, and governance of the security strategy, roadmap, and policies that are aligned to the organization’s overall security objectives within Corporate IT (CIT).
The BISO is a senior leader who is the single point of contact for information security related matters within CIT. The BISO works closely with the CIO and is a member of the CIT senior leadership team. The BISO informs, tracks, communicates, and manages security, risk, and compliance of CIT as it relates to Global Information Security (GIS) overarching program. The BISO is also responsible for managing the security requirements of CIT infrastructure and applications. The BISO bridges CIT to GIS and is held accountable for the cybersecurity outcomes within CIT.
Key Responsibilities
Responsible for maintaining an inventory of CIT cyber risk, vulnerability remediation status, policy violations, endpoint alerts, cybersecurity training, security exception requests, and security architecture for their respective service offerings.
Responsible to ensure compliance to policies in CIT and to report GIS on a set of KPIs as defined by the CISO on behalf of CIT.
Coordinate CIT cyber requirements and compliance for things such as pen-testing, audits, or the procurement of cyber security technologies that may be required uniquely to support CIT.
Accountable for the security health and risk state of CIT.
Develops executive level intelligence briefing structure and drives implementation of actionable intelligence based on the accepted risk strategy.
Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with Cybersecurity policies.
Monitor and evaluate the effectiveness of CIT’s cybersecurity safeguards to ensure that they provide the intended level of protection to Unisys and to the customers.
Ensure that Security requirements specific to customer projects and implementations are included in all phases of the system life cycle.
Consult with CIT Architecture, design and development team handling new projects to ensure that Unisys security policies and guidelines and followed.
Engage with GIS’ Threat Intelligence Security Incident Response Process team to properly address and manage cybersecurity incidents or vulnerabilities in CIT.
Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during scans, risk assessments, audits, inspections, etc.
Advise senior management on cost/benefit analysis of information Security programs, policies, processes, systems, and elements
Be the face of Security within CIT for any internal, external or customer audits
Understands CIT, strategy, and information security requirements.
Works closely with GIS, IA and legal teams to improve the security posture, compliance, and risk management for each business unit.
Promotes information security technology strategy and roadmap across each business unit. Brings requirements and drivers to the enterprise Information Security Risk Management team to influence the development of the information security strategy and roadmap.
Ensures CIT’s information security solutions and applications are aligned with GIS and business unit needs, as well as good information security methodology.
#LI-SP2
You will be successful in this role if you have:
Bachelor’s Degree or equivalent experience
15+ years broad and diverse experience across cybersecurity strategy, compliance, operations, security architecture, vulnerability management, and cloud security
Strong understanding of audit/risk management methodologies and regulatory requirements pertaining to information security, privacy and/or data security
Experience across multiple industries with expertise handling regulatory issues and risks
ISACA CRISC or CISM, (ISC)² CISSP or CISSP-ISSMP certifications are a plus
Risk management experience with demonstrated technical proficiency in applying cybersecurity controls
Experience overseeing and executing highly complex, cross-organizational initiatives within a large enterprise setting
Ability to build relationships, influence and drive outcomes across multiple stakeholder groups
Ability to effectively present complex technical topics to non-technical and technical audiences
Project management experience highly desired
Ability to manage multiple complex priorities and competing agendas without express authority over delivery teams
Ability to interpret and apply policies and regulations across a large, complex business
Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker
Unisys is proud to be an equal opportunity employer that considers all qualified applicants without regard to age, blood type, caste, citizenship, color, disability, family medical history, family status, ethnicity, gender, gender expression, gender identity, genetic information, marital status, national origin, parental status, pregnancy, race, religion, sex, sexual orientation, transgender status, veteran status or any other category protected by law.
