Business Information Security Partner

As a family company, we serve people and communities. When you work at Meijer, you’re provided with career and community opportunities centered around leadership, personal growth and development. Consider joining our family – take care of your career and your community!

 

Meijer Rewards

• Weekly pay

• Scheduling flexibility

• Paid parental leave 

• Paid education assistance

• Team member discount

• Development programs for advancement and career growth

 

Please review the job profile below and apply today!

​​The Business Information Security Partner (BISP) supports the Chief Information Security Officer (CISO) in managing and overseeing the organization’s information security program. This role involves developing and implementing security enablement strategies to protect the organization’s information assets. Leads a team of architects and application security engineers to design and implement security controls for the organization. The BISP acts as a trusted advisor to the CISO and other Directors, providing guidance on security best practices and risk management implementation. This role acts as a liaison between security, IT, legal, compliance and business units to align security initiatives with organizational goals while ensuring a robust security posture.​

 

What You’ll be Doing: 

• Develops and owns the security strategic roadmap aligned with organizational goals 

• Leads a team responsible for designing, developing and implementing technical and process controls to support compliance objectives 

• Acts as a trusted partner to the CISO, ensuring smooth operations within the security program 

• Collaborates with Security leadership to define and measure key performance indicators, providing executive-level reports and presentations on security posture and strategy 

• Leads the implementation of governance processes for security policies, frameworks, and risk management 

• Facilitates key business relationships with other ITS departments, legal, compliance, and business units to ensure successful implementation; manages communications, aligns priorities across teams, and drives organizational change management as needed 

• Consults with, mentors and coaches ITS and business team members and leadership, project and program managers and vendors on secure coding principles and guidelines, concepts, processes and tools 

• Drives adoption of security tools and processes with partners through highly aligned strategies and processes 

• Provides security focused technical consulting on business projects or system issues 

• Ensures security is embedded in IT and software development processes 

• Works with teams to map security controls, as defined by Governance, Risk and Compliance (GRC), into architecture design patterns  

• Leads team that develops secure design patterns and best practices for infrastructure, cloud, and applications 

• Leads team that works with developers and DevOps teams to integrate security into the SDLC 

• Utilizes knowledge of security best practices for project and portfolio management to recommend and implement necessary changes 

• Leads and directs team to accomplish security objectives and key results 

• This job profile is not meant to be all inclusive of the responsibilities of this position. May perform other duties as assigned or required. 

 

What You Bring with You (Qualifications): 

 

• Bachelor’s degree in Computer Science, Engineering, Security Management or related discipline 

• Master’s degree is preferred 

• Advanced security certifications such as the CISSP, CISM, or CPP are required 

• 15+ years of information security experience, preferably in a leadership role 

• 15+ years experience in IT with a broad range of exposure to business planning, systems analysis, security solutions, application development and infrastructure support 

• Experience in leading design and engineering teams 

• Knowledge of information security principles and practices, privacy laws and regulations, and AI 

• Knowledge of NIST, CIS, other security and risk frameworks 

• Demonstrated competency in strategic thinking with abilities in relationship management 

• Expert knowledge of business environment and systems architecture 

• Strong analytical and problem-solving skills 

• Excellent oral and written communication skills; ability to present and discuss technical information in a way that establishes rapport, persuades others and gains understanding