The BISA is responsible for supporting an IT wide information security management program along with Cybersecurity team, to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The position requires an expert with sound knowledge of information security technologies and a working knowledge of business management. The BISA will proactively work with IT towers/units to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of IT-related risk management activities. The BISE serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies. The BISA must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
The BISA's role is to act as an interface between the Management's strategic and process-based activities and the work of the technology-focused analysts, engineers and administrators in the IT organization. The BISA must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as report on ongoing performance.
The BISA coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management. While the BISA is an expert of the security program, he or she must also be able to coordinate disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that security is just one of the business's activities.
Expertise in leading project teams and developing and managing projects is essential for success in this role. The BISA must be able to prioritize work efforts — balancing operational tasks with longer-term strategic security efforts. Other project management tasks will include resource balancing across multiple IT and security teams, task prioritizing and project reporting. Vendor relationship management — ensuring that service levels and vendor obligations are met — is also an important aspect of the position.
Responsibilities
Education & Experience Recommended
Four-year or Graduate Degree in Computer Science, Information Technology, or any other related discipline or commensurate work experience or demonstrated competence.Typically has 4-7 years of work experience, preferably in IT projects, process improvement, or a related field or an advanced degree with 3-5 years of work experience.