Business Information Security Officer
Home Based - United Kingdom
Elsevier
Elsevier is a global information analytics company that helps institutions and professionals progress science, advance healthcare and improve performanceAbout the team
The team comprises a small group of skilled Business Information Security Officers (BISOs) dedicated to protecting the organization by identifying, mitigating, and managing cyber risks, dedicated to multiple business units. Working globally, the team collaborates closely with stakeholders to implement robust cybersecurity measures, maintain compliance, and ensure core business operations remain secure and resilient. Each BISO is responsible for fostering strong partnerships within their business unit, providing security expertise, and driving initiatives that reinforce secure behaviour. The team is instrumental in promoting a culture of security throughout the organization and is critical to our overall information security strategy.
About the role
As a BISO, you'll be responsible for planning, organizing, and executing enterprise-wide information and security initiatives for multiple business units. You'll deliver long-term improvements and benefits impacting our organizational goals focusing on risk management and cybersecurity defences. This includes managing complex and critical issues, creating strategies and charting a course for cyber progress, and finally evangelizing our core information security tools and risk management solutions. This role delivers outcomes, longer-term improvements and benefits that are measurable and impact the achievement of organization goals, focusing on risk management and enhancing the cybersecurity defences of the engaged business units.
Responsibilities
- Bring cybersecurity skills and risk management knowledge to our key projects in support of the goals, strategies and initiatives of the business unit
- Driving information and infrastructure security awareness and governance deep into the organization. This will involve aligning Business & Technology units with enterprise cybersecurity programs and objectives.
- Providing a critical liaison role between the business unit and the Elsevier Cyber Security organization. This includes enhancing the level of collaboration and effective communications with key stakeholders/business units.
- Defining the information and infrastructure security utilizing a risk-based approach. Develop goals, training recommendations, strategies, plans, and success criteria needed to achieve the vision.
- Developing and reporting cyber security metric scorecards to reflect the level of adoption and compliance to security policies/standards, remediation of vulnerabilities, and residual risks.
Key BISO Requirements
- Demonstrate an ability to effectively collaborate and communicate with multiple technical functions such as security, infrastructure, operations, software engineering and others.
- Illustrate expert knowledge and experience areas of Cyber Security involving incident response, risk, and governance. This would involve being able to imagine and create innovative approaches, strategies and develop security programs
- Demonstrate extensive understanding of Information Security compliance and governance frameworks such as NIST, ISO27001, or similar.
- Be a highly effective communicator (both verbal and written) having clear communication to present to senior and executive management, customers and clients. This will include but is not limited to: being able to adapt to a wide range of audiences, conduct presentations, define terminology and various departments using assorted communication mediums.
- Have extensive experience in problem-solving involving leading teams in identifying, researching, and coordinating the resources necessary to effectively. Such as troubleshooting/diagnosing complex project issues, prior success extracting/translating findings into alternatives/solutions, identifying risks/impacts, and schedule adjustments to facilitate management decision-making.
- Have excellent time management and organizational skills.
- Be able to define information and infrastructure security needs utilising a risk-based approach. You'll be able to provide examples of developing goals, training, strategies, and plans.
Work in a way that works for you
We promote a healthy work/life balance across the organisation. We offer an appealing working prospect for our people. With numerous wellbeing initiatives, shared parental leave, study assistance and sabbaticals, we will help you meet your immediate responsibilities and your long-term goals.
- Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive
Working for you
We know that your wellbeing and happiness are key to a long and successful career. These are some of the benefits we are delighted to offer:
- Generous holiday allowance with the option to buy additional days
- Health screening, eye care vouchers and private medical benefits
- Wellbeing programs
- Life assurance
- Access to a competitive contributory pension scheme
- Save As You Earn share option scheme
- Travel Season ticket loan
- Electric Vehicle Scheme
- Optional Dental Insurance
- Maternity, paternity and shared parental leave
- Employee Assistance Programme
- Access to emergency care for both the elderly and children
- RECARES days, giving you time to support the charities and causes that matter to you
- Access to employee resource groups with dedicated time to volunteer
- Access to extensive learning and development resources
- Access to employee discounts scheme via Perks at Work
About the Business
A global leader in information and analytics, we help researchers and healthcare professionals advance science and improve health outcomes for the benefit of society. Building on our publishing heritage, we combine quality information and vast data sets with analytics to support visionary science and research, health education and interactive learning, as well as exceptional healthcare and clinical practice. At Elsevier, your work contributes to the world’s grand challenges and a more sustainable future. We harness innovative technologies to support science and healthcare to partner for a better world.
#LI-RV1 #LI-Hybrid
-----------------------------------------------------------------------
Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. We are committed to providing a fair and accessible hiring process. If you have a disability or other need that requires accommodation or adjustment, please let us know by completing our Applicant Request Support Form: https://forms.office.com/r/eVgFxjLmAK , or please contact 1-855-833-5120.
Please read our Candidate Privacy Policy.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Analytics BISO Compliance Governance Incident response ISO 27001 NIST Privacy Risk management Security strategy Strategy Vulnerabilities
Perks/benefits: Career development Flex hours Health care Insurance Medical leave Parental leave
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.