Manager - Business Information Security -

Manager Business Security Officers (BISO)
Primary Location: Rosemont IL (Hybrid)
Position Type: FullTime Direct Hire

Overview
Business Security Officer Manager to join our premier financial services client in the banking industry. This is a directhire hybrid role located in Rosemont IL with a focus on managing the growth and continuous improvement of the corporate Business Security Officer (BISO) program.

BSO will ensure that each Business Area has an embedded business representative that will facilitate promote and communicate the Security and Fraud programs as well as provide feedback to Security and Fraud. Each BSO is responsible for the oversight of their respective business areas compliance with Security and Fraud policies and programs.

The primary responsibility of the BSO is to bridge the gap between business objectives and information security and fraud requirements. The BSO ensures that security and fraud strategies are effectively integrated into business processes thus safeguarding sensitive financial data and maintaining regulatory compliance.

By fulfilling this role the BSO helps to protect the financial institutions assets maintains customer trust and supports the sustainable growth of the business.

Qualifications

Bachelors degree and minimum of 10 years of business experience. Excellent verbal and written communication skills with a wide range of audiences including executives business stakeholders and technology team members. Experience in leading projects or initiatives in a complex environment. Experience in taking complex ideas and constructs and relating them in easytounderstand language. Must be a critical thinker with strong problemsolving skills. High level of personal integrity and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. A quick learner with a high degree of initiative dependability and ability to work with little supervision.

General Responsibilities

• Enhance Security Posture:
  • Strengthen the organizations overall security posture by adopting robust security controls within business units.
  • Proactively identify and address vulnerabilities and threats.
• Ensure Regulatory Compliance:
  • Maintain compliance with industry regulations and standards minimizing the risk of legal and financial penalties.
  • Adapt security and fraud practices to evolving regulatory requirements.
• Foster Collaboration:
  • Promote a collaborative approach to security ensuring that business units understand and support security initiatives.
  • Facilitate open communication between technical and nontechnical teams.
• Support Business Growth:
  • Enable secure business operations by embedding security into the development and deployment of new products and services.
  • Support business innovation while managing security risks.
• Incident Management:
  • Prepare for and effectively respond to security and fraud incidents minimizing the impact on business operations.
  • Participate in business continuity and tabletop exercises.
  • Ensure swift recovery and continuity of services.
• Cultivate Security Awareness:
  • Develop a securityconscious culture among employees reducing the likelihood of human error leading to security incidents.
  • Ensure ongoing security and fraud education and awareness programs are in place and effective.

Corporate Security Responsibilities

• Serve as the business advocate/liaison for major incidents.
• Organize and conduct Corporate Security training for all business area employees.
• Attend Corporate Security training and monthly meetings.
• Present Annual Security Summary to the Audit Committee and Charter boards.
• Assist in the development of business lines/Charter physical security budget.
• Report Corporate Security trends and issues affecting business areas.
• Report incidents to Security and Fraud.

Fraud Responsibilities

• Act as the primary point of contact for Enterprise Fraud in the business area.
• Educate the Enterprise Fraud Program updates policies controls and initiatives to designated business area staff.
• Review and report with guidance from Enterprise Fraud the applicable reports trends and threats to business area leadership.
• Assist with Fraud training reporting and metrics within the business area.

Identity & Access Management (IAM) Responsibilities

• Assist clients Access Management with the support needed for the business area to comply with periodic and yearly access reviews.
• Provide input into key initiatives and business area prioritization where IAM is accountable or responsible for outcomes. Assist in the process of onboarding or sunsetting relevant business systems and applications.
• Within the business area identify trends opportunities and gaps in the onboarding/offboarding workflows for Access Management for SNOW requests.
• Identify and assist business area application owners in the development of applicable roles in Business Applications in the advancement of user administration.
• Identity key Access Management KPI metrics to enable the business area to track posture and inform IAM teams on performance related to their application or process.
• Assist with the development updating and adherence to IAM policies and procedures.

Competencies

• Business Line Technologies: Familiarity with business line systems and technologies.
• Crisis Management: Being able to respond effectively to security issues or crises to minimize damage and ensure business continuity communication and reporting.
• Communication: Excellent communication skills to liaise with internal stakeholders staff senior leadership or law enforcement agencies regarding security matters.
• Analytical Thinking: Capacity to analyze opportunities threats process improvements gaps and communicate them effectively.
• Leadership: Ability to lead and coordinate teams gather information be a subject matter expert and provide consultation as necessary.
• Ethical Conduct: Upholding high ethical standards and integrity in dealing with sensitive information and securityrelated matters.
• Crisis Management: Being able to respond effectively to security breaches emergencies or crises to minimize damage and ensure business continuity.
• Continuous Learning: Keeping abreast of the latest security threats trends and technologies through ongoing training and professional development.

Compensation
The expected salary range for this position is $110$158K)plus bonus depending on experience and qualifications. The role also qualifies for comprehensive benefits including health insurance retirement plans and more.