Opportunity type:

Permanent




Cyber Security

Date posted:

04 May 2021

Opportunity reference:


Opportunity description

BISO (Business Information Security Officer)

Role: BISO (Business Information Security Officer)

Type: Permanent

Location: London (home based for now and high degrees of flexible working in the future)

Stanton House has been appointed to search for a BISO (Business Information Security Officer) to join a Financial Services client based in London (home based working is currently in place for this role). This role sits in the central function and is the SME for all business units for Information Security and the technical Security teams.

This role will be focussing on a high-profile programme of work which is visible up to the CEO. The ideal candidate will have had exposure to Cloud Technologies such as AWS or Azure. This person will be reviewing security solutions, designs, 3rd parties, policies, and technical documents, and then making recommendations back to the business.

Below are the core competencies of the role. Please note, this role does not have direct reports and does not require previous people management experience.

Key skills and responsibilities:

  • Build and run the two-way security-business relationship, from Penetration Testers, through to the CIO
  • Excellent stakeholder management experience, and the ability to articulate security risk as business risk, up to board level
  • Experienced in the selection and implementation of appropriate information security controls
  • Identify security risks and produce high quality documentation to articulate and report those risks, along with proposed solutions, in appropriate risk forums
  • Raise security awareness among business units' staff in accordance with the firm's security policies and standards
  • Knowledge of current security tools, processes and techniques; experience of deploying tools, processes and training to demonstrate measurable security benefit
  • Maintains an awareness of developments in the industry and understands implications of new technologies
  • Familiar with security technologies and regulatory frameworks including, but not limited to: DLP, PAM, SOC/SIEM, IDS, IPS, Firewalls, Load balancers, Switches, Routers, Virtualised environments / Cloud, PCI DSS, GDPR, Crisis Management Exercises.
  • Ensure security & resilience risk acceptances are raised and managed appropriately, in conjunction with the security risk, IT risk and governance functions

Core competencies of the role:

  • Persuading and Influencing
  • Presenting and communicating Information
  • Writing & Reporting
  • Applying Expertise and Technology
  • Planning & Organising

Please apply to this advert to talk with a Cyber Security specialist recruiter.