Velocity Search Group Inc. Looking for Business Information Security Officer at Houston, TX Full Time

Our Client, a fast growing financial services firm, is seeking a Business Information Security Officer. The Business Information Security Officer (BISO) will serve as the subject matter expert for Information Security (IS) and Data Privacy (DP) matters and will represent the Chief Information Security Officer (CISO) for the Institutional Channel. The BISO will report to the CISO. This role will be a trusted adviser to senior business and technology stake holders and provide a broad knowledge of Information Security and Data Prevention strategies, policies, processes, architecture, and road maps to enable functional business departments to understand and meet Information Security and Data Prevention requirements. The BISO will be an essential business partner for the Institutional Channel Programs, representing and facilitating their IS and DP requirements to and for the Institutional Channel leadership and the CISO. This role will focus on ensuring that IS and DP are considered in respect of all elements of Business.

RESPONSIBILITIES

• Serve as a subject matter expert (SME), coordinating and providing multi-disciplinary knowledge, skills, and experience in IS and DP and partners with IT infrastructure to provide reliable, measurable, consistent, responsive, and secure enterprise network services.
• Provides support for execution of and ensure adherence to the corporate Information Security and Privacy Management Program policies, procedures, standards, and controls across the business; partner with internal or external organizations to meet compliance, IS and DP requirements; and participate in the development and oversight of required corrective/mitigation action plans.
• Creates and maintains security-related documents (IS and DP procedures / assessments / compliance assessments / reports) and efficiently manages multiple simultaneous tasks, providing consistent record of all activities, while handling confidential work with discretion.
• Coordinate regulatory compliance activities for IS and DP requirements.
• Assess and develop mitigations for system security threats & risks.
• Partner with and facilitate Institutional Channel Programs requirements for IP and DP needs and their 3rd Party Due Diligence processes.
• Respond to business development requests for due diligence as it relates to cybersecurity, IS and DP
• Assist with the education and training of process/control owners so they better understand the controls framework and their responsibilities.
• Participates in disaster recovery and/or business continuity efforts.
• Serve as a SME on Privacy Impact Assessments on new systems or activities involving Personal Data, including review/development of contractual Data Protection language as required.
• Present complex security concepts to all levels of the organization.

QUALIFICATIONS

• Experience in the design, development, implementation, and operational support of mission critical solutions in large scale environments and organizations.
• Knowledge of information security management frameworks, such as ISO 27001, ITIL, COBIT and NIST.
• Proven ability in security process and organizational design; Current understanding of Industry trends and emerging threats; and knowledge of incident response methodologies and technologies.