Business Information Security Officer

Remote-US-MD, United States

Ciena

Ciena is a global leader in optical and routing systems, services, and automation software.

View all jobs at Ciena

Apply now Apply later

Ciena is committed to our people-first philosophy. Our teams enjoy a culture focused on prioritizing a personalized and flexible work environment that empowers an individual’s passions, growth, wellbeing and belonging. We’re a technology company that leads with our humanity—driving our business priorities alongside meaningful social, community, and societal impact.

Why Ciena:

  • We are big proponents of life-work integration and provide the flexibility and tools to make it a reality with remote work and potentially, part-time work.
  • We believe an inclusive, diverse, and barrier-free work environment makes for empowered and committed employees.
  • We recognize the importance of well-being and offer programs and benefits to support and sustain the mental and physical health of our employees and their families and also offer a variety of paid family leave programs.
  • We are committed to employee development, offering tuition reimbursement and a variety of in-house learning and mentorship opportunities.
  • We know that financial security is important.  We offer competitive salaries and incentive programs, RSU’s (job level specific) and an employee share option purchase program.
  • We realize time away to recharge is important.  We offer flexible paid time off!
  • Great work deserves recognition. We have a robust recognition program, with ongoing and enhanced awards for exemplary performance.

How You Will Contribute:

Reporting to the Director, Business Security Partners, as the Business Information Security Officer (BISO), you’ll be the liaison between Ciena’s Security program and the Ciena Government Solutions (CGSI) business. Your main responsibility is to oversee cybersecurity and assurance within your assigned region or business unit. Working closely with our Chief Information Security Officer, you will play a crucial role in meeting the Security & Compliance needs of one of our most dynamic business units. Your expertise and guidance are essential in ensuring that all processes and systems meet our company's security risk tolerance. As a trusted advisor, you will gather business requirements and provide advice and oversight to ensure compliance with security risk tolerance for processes and systems. You will also set expectations for regional/business security postures and identify opportunities to enhance security against future trends and threats.

You will collaborate closely with product engineering, operations, Public Sector compliance, and Government Accreditation teams to monitor and report on security compliance. Your goal is to help business units achieve their objectives without compromising security. You will take a proactive approach by assessing security posture, providing expert guidance, and developing solutions that meet the stringent standards of United States government agencies.

  • Bridge the gap between the Enterprise Security organization and Ciena's government solutions business
  • Collaborate closely with product security, other security functions in the CISO organization, and IT operations.
  • Collaborate with Legal compliance and Government Accreditation teams to oversee and report on security compliance
  • Build and maintain trusted relationships with Ciena government solutions sales, services and operations teams
  • Partner with the government business stakeholders in implementation and maintenance of CMMC (Cybersecurity Maturity Model Certification) compliance
  • Manage multiple impactful and complex security projects, aligning them with internal security requirements
  • Be actively informed and engaged in security projects across the business.
  • Enforce the strong security culture set forth by the CISO, ensuring uniformity across security leadership, business units and employees.
  • Ensure business projects are focused on cybersecurity from the beginning.
  • In conjunction with security and business leaders, define key performance indicators (KPIs) and metrics aligning with business initiatives and deliver them to non-technical teams in terms that are accessible and comprehensible.
  • Provide motivation to business units to adopt cybersecurity controls. 
  • Remove complexity and obstacles that hinder efficient security controls enterprise wide.
  • Build relationships with business units to deliver security-by-design controls incorporated into projects, architecture, infrastructure and applications.
  • Stay abreast of new laws, regulations and standards, and assess their impact to the business.
  • Verify security content training initiatives and internal/external communication are conducted regularly.
  • Identify opportunities for the business unit to automate security processes with key security functions

What Does Ciena Expect of You?

  • Initiative – you’re a self-starter who works with limited direction and is committed to delivering against aggressive deadlines.
  • A customer first mentality – what’s important to the customer is also important to you.
  • Agility – with an ability to flex between the strategic and tactical, you manage competing and ever-changing priorities and maintain a balanced and methodical approach to problem solving.
  • Communication expertise – you possess the ability to tailor your message and ideas to the audience to ensure understanding and consensus.
  • The flexibility to work independently and as part of a broader team – you thrive in a team environment, are comfortable working independently, and know how to get things done in a virtual environment.
  • Relationship builder – with a proven ability to influence at all levels, you’re able to quickly develop trusted connections and get work done through others.
  • A commitment to innovation – you keep abreast of competitive developments and are always keen to formulate new ideas and problem solve.

The Must Haves:

  • BA or BS in Computer Science or any related subject area, or 10+ years of experience
  • At least 3 years' experience working with business leadership and enterprise projects.
  • Experience with implementing and enforcing security protocols for handling CUI (Controlled Unclassified Information) in alignment with NIST SP 800-171 and CMMC 2.0
  • Experience with FOCI (Foreign ownership, control, or influence) risk mitigation
  • Experience taking a proactive stance in assessing security posture, offering expert guidance, and devising solutions to meet the rigorous standards of government agencies
  • Experience partnering closely with the US Public Sector Government Accreditation and compliance team for successful reporting and certification renewals
  • Experience with cross-matrix collaboration related to engineering, security, and compliance topics
  • Experience with responding to security and compliance customer questionnaires and engaging with customer representatives on security- and compliance-related topics
  • Strong written and verbal communication skills across all levels of the organization.
  • Capable of working with diverse teams and promoting an enterprise-wide positive security culture.
  • High level of integrity, trustworthiness and confidence, and able to represent the company and security leadership with the highest level of professionalism.
  • Adept at understanding business focus and processes and ability to inject cybersecurity into the business through teamwork and influence.
  • Strong project management, multitasking and organizational skills.
  • Ability to work effectively with diverse teams and varying personalities and adapt management style to effectively reach mutually beneficial outcomes.
  • Able to attain and preserve credibility with the team through sustained industry knowledge.
  • Able to motivate the team to achieve excellence and give credit and recognition where it is due.
  • Excellent interpersonal and communication skills, with a results-oriented mindset
  • Must be United States citizen

Good To Have :

  • Active SECRET (with TS eligibility) or TOP SECRET security clearance preferred, not required.

#LI-BS1

Not ready to apply? Join our Talent Community to get relevant job alerts straight to your inbox.

At Ciena, we are committed to building and fostering an environment in which our employees feel respected, valued, and heard.  Ciena values the diversity of its workforce and respects its employees as individuals. We do not tolerate any form of discrimination.Ciena is an Equal Opportunity Employer, including disability and protected veteran status.If contacted in relation to a job opportunity, please advise Ciena of any accommodation measures you may require.
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  1  0  0

Tags: BISO CISO Clearance CMMC Compliance Computer Science KPIs NIST Product security Security Clearance Top Secret

Perks/benefits: Career development Flex hours Flex vacation Health care Startup environment

Regions: Remote/Anywhere North America
Country: United States

More jobs like this

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.