Information Security Officer - KS

This position regularly works in an office setting. Most of the job duties require the employee to be working with computers and electronic media on a regular basis.

Responsibilities:

• Develop and maintain in depth understanding of business unit processes, systems, technologies, data, customers, consumers, partners
• Become an expert in assigned products including the design, security profile and risks
• Build relationships with business units to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications.
• Act as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle.
• Work closely with senior leadership to instill cybersecurity policies and practices throughout business units to address security operations, incident response, application security and infrastructure.
• Be actively informed and engaged in security projects across the business.
• Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
• Ensure business projects are focused on cybersecurity from the beginning.
• Participate and influence Cloud and Native Architecture principles, APls, as well as appropriate enterprise Data handling practices.
• Provide regular and timely reporting on the status of cyber security across the organization
• Provide escalation path for security issues, incidents and inquiries

• 8+ years in cybersecurity experience (or information technology couple with cybersecurity) or a related field
• Bachelor`s degree in computer science or information systems or equivalent experience.
• Experience in guiding all aspects of cyber-security risk including - identification, synthesis, quantification, and remediation strategies.
• Experience working in Agile methodology and a deep understanding of phased approaches to the Software Development Life Cycle
• Working knowledge of:
  • Cloud computing architectures and the associated security designs and challenges
  • Common DevSecOps processes and technologies and how to effectively harden them
  • Data Loss Prevention implementation and ongoing management
  • Data management and security principles applicable to financial services and modern architectures.

Core Competencies:

• Strong presence and ability to engage with leadership regarding security (e.g. Executive Briefings and incident communications). Ability to communicate clearly and effectively with both technology/development and business partners
• Strong relationship, team building and facilitation skills

• Ability to translate technical/security issues to business users
• Proven ability to articulate the why and to enable fact-based decision making.
• Ability to independently influence others to achieve objectives
• Ability to deal with the ambiguity associated with working in a fast paced and changing environment
• Experience working in a matrix model, as the BISO supports operational and transformational efforts for a given region or organizational function

Preferences:

• Certified Information System Security Professional (CISSP) or Certified in Risk and Information Systems Control (CRISC) certifications preferred

Education:
University - Bachelor`s Degree/3-4 Year Degree