JOB TITLE: Business Information Security Analyst UK&I
REPORTING TO: Business Information Security Officer (US) & VP, IT UK&I
LOCATION: Hybrid, 3 days in office, UK&I HQ
CONTRACT: Permanent
SALARY: TBC
ROLE OVERVIEW AND PURPOSE
Reporting to the BISO (Business Information Security Officer), the BISO Analyst is a trusted advisor with business unit leadership. The BISO Analyst understands security risks and technologies and is able to effectively communicate them to business units. The BISO Analyst works in tandem with the business across multiple services and platforms to address risk, while advising business leaders to ensure they are making decisions with security in mind. The BISO Analyst acts as a liaison to ensure cybersecurity practices are built into business unit initiatives for the entire lifecycle.
KEY RESPONSIBILITIES
· Assist with program roadmaps and communications disseminated throughout the organization.
· Monitor all information security projects and procurement from inception to successful completion for a specific business unit, fully understanding the purpose of projects, technologies and their value-add to the organization.
· Adhere to strategic risk management vision and decisions that scale globally to secure by design without slowing company innovation and execution.
· Promote a strong security culture within the security department within the business unit.
· Maintain adequate knowledge on best practice recommendations based on the evolving threat landscape to protect the business.
· Work with business units to measure and report key performance indicators (KPIs) and metrics that align with business initiatives and deliver to non-technical individuals.
· Build relationships with technical teams to deliver security-by-design controls that are incorporated into projects, architecture and applications.
· Drive ISO 27001 and other compliance initiatives in the organization.
· Build relationships with business leaders, technical teams, governance and third parties to incorporate availability and recovery needs.
· Facilitate meetings with key stakeholders in the business unit to assess strengths and weaknesses in the program and ensure adequate resources are allocated to the most critical functions needing attention.
· Perform other duties as assigned.
REQUIRED SKILLS AND EXPERIENCE
Experience:
· At least 5 years in a security or systems administration-related role.
· Understanding of the EU’s General Data Protection Regulation (GDPR), National Institute of Standards and Technology (NIST) standards, International Organization for Standardization (ISO) standards, Health Information Portability regulations and frameworks, etc.
Other:
· Proven trustworthiness and history of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating well.
· Self-starter requiring minimal supervision.
· Excellence in communicating business risk and remediation requirements from assessments.
· Analytical and problem-solving mindset.
· Highly organized and efficient.
· Demonstrated strategic and tactical thinking, along with decision-making skills and business acumen.
· Strong understanding of financial planning and analysis.
· Strong written and oral communications skills across varying levels of the organization.
· General understanding of service design, delivery concepts and control frameworks.
· Solid organizational skills and the ability to multi-task, prioritize workload and delegate responsibilities.
· Ability to effectively manage stress in a constantly changing environment.
· Highly focused on supporting a strong cohesive team and security culture.
· Excellent judgment and the ability to make quick decisions when working with complex situations.
· Strong business acumen and forward-thinking.
· High level of integrity, trustworthiness, and confidence, representing the company and its management team with the highest level of professionalism.
· Ability to work effectively with a variety of personalities, adapting the approach to effectively reach and develop the team. Uses this skill as well as functional knowledge to both earn and maintain a high level of credibility with the team.
QUALIFICATIONS
Education:
· Bachelor’s degree preferred in Cybersecurity, Information Technology, Computer Science, Information Systems, or a related field.
Licenses:
· Preferable, but not required: CISSP, CISM, CRISC, CISA, GCIH, GCFA, GCFE
We’re proud to offer a great range of benefits including:
For more information about ABM’s benefits, visit our careers page
ABOUT US
ABM is one of the world’s largest providers of integrated facility services. A driving force for a cleaner, healthier, and more sustainable world, ABM provides essential services that improve the spaces and places that matter most. ABM offers a comprehensive array of facility services that includes cleaning, engineering, parking, electrical & lighting, energy solutions, HVAC & mechanical, security, and mission critical solutions. ABM delivers these custom facility solutions to properties across a wide range of industries – from commercial office buildings to schools, airports, hospitals, data centres, manufacturing plants and distribution centres, entertainment venues and more. In the UK we’re proud to service iconic sites across the country with more than 10,000 team members. For more information, visit www.abm.co.uk.
ABM are committed to employment practices that promote diversity and inclusion in employment regardless of age, disability, gender reassignment, sex, marriage and civil partnership status, pregnancy and maternity status, race, religion or belief. We are proud members of the Armed Forces Covenant Employer Recognition Scheme.
Founded in 1909, ABM Industries is a facilities management company providing janitorial, electrical, HVAC, lighting, energy, landscaping, facilities engineering, and parking services. ABM provides services to the aviation, commercial, education, h...