The Company's Information Security team is seeking a Business Information Security Officer (BISO) / Information Security Manager for our LATAM Digital Services Joint Venture. Role Purpose Provide the security leadership and influence IT and business executives whilst ensuring the business and regulatory requirements are met. Represent the Group CISO function as the Business Information Security Officer (BISO) / Information Security Manager and manage the Information Security resources supporting the Company's Digital Services venture. Provide visibility and insights on Security to the LATAM RISO. Build and effective relationship, partnering and supporting the C level executives on Information Security matters. Manage and attend required Committees, cyber governance meetings and regulatory engagements. Assess and evaluate risk & control position against the KPI's and information security risk management framework. Responsibilities: The role is focused on securing the Company's Digital Services business unit. We are looking for a Business Information Security Officer / Information Security Manager with the skills to influence business leadership, execute complex projects and guide the IT teams regarding Information Security requirements. The roles and responsibilities for the position include but are not limited to: Supporting the Group CISO portfolio delivery with oversight and escalation to ensure that all global security requirements are effectively rolled out in the Company. 2. The Business Information Security Officer / Information Security Manager is the primary technical security contact within the organization for security risk analysis, gap identification, and mitigation/remediation activities. Provide regular reporting on information security Key Performance Indicators (KPI), issues and risks to the RISO and C Level executives. Engage with key stakeholders to ensure that processes and initiatives follow Company's global and regional security processes, monitor security policy/standards compliance, and ensure Information Security strategy is understood and communicated. Acts as the technical subject matter expert on all security initiatives, leverages existing global, regional security technology and products to solve problems, and assists the project teams with testing, deployment, and execution of new initiatives. Oversee, support and report on Company's Information Security incidents in collaboration with Global/Regional Security Operations and the Privacy function. Support the internal security awareness and training activities and provide feedback. Oversee the internal Third-Party Cyber Risk Management program to support the business in managing the information security risks of third-party relationships. Act as trusted advisor in the exception risk management process to include articulating risk and vulnerability information, determining mitigating controls, and assist in remediation plan development. Support the business during internal and external audits and with audit resolutions for information security related issues, ensuring that a process is in place to address issues discovered through analysis and taking corrective actions. Experience Requirements: Experience leading Latin America information security requirements. Bachelor's degree in computer science, Information Technology, Cyber Security or similar Strong general security knowledge across all aspects of the NIST Cybersecurity Framework Demonstrated expertise in Incident Response and Incident Management. An understanding of cloud services and cloud development techniques. Communication skills including the ability to develop and provide effective presentations to various audiences, including non-technical resources. CISM, CISSP, GIAC or Similar certifications. Written/spoken English proficiency required. Ability to translate highly technical information into plain language. High level of analytical and problem-solving abilities. At least 10 years IT experience, working in a technical discipline. 5-10 years working experience in Information Security. At least 3 years' experience working in a senior technical role.
