Manager, Cybersecurity BISP

Job description

The Business Information Security Partner (BISP) will be a trusted advisor to a specified business or function in all areas pertaining to Cybersecurity to help the business achieve their strategic goals.

The BISP will develop and manage business partnerships with the leadership teams to formulate the Cybersecurity strategy in alignment with divisional business strategy and objectives. The BISP will drive key programs to protect Stryker from cyber risk and drive cybersecurity strategies in collaboration with our regional businesses to foster cyber awareness and adherence to security operations.  

Key responsibilities include: build strong collaborative relationships with division leadership and teams; provide innovative strategies to stay ahead of emerging cyber threats and trends; educate department heads by providing insights and data on emerging cyber trends; identify opportunities for cyber risk mitigation and prioritizing initiatives; prepare, define, and monitor cybersecurity projects to ensure Stryker’s assets are protected; and, drive clear effective cyber awareness communications across leadership teams..

The role will drive key programs and be the primary point of contact for cybersecurity incidents, as well as, innovation and continuous improvement in cybersecurity, cyber risk and compliance to achieve financial, operational and customer service goals in collaboration with the Cybersecurity teams.

What you will do:

• Drive cybersecurity value creation and customer satisfaction for the business

• Build and maintain strong relationships with division leadership and act as a liaison between Cybersecurity and the business

• Support continuous risk assessment, threat modeling and proactive mitigation strategies in collaboration with the business and Cybersecurity teams

• Collaborate with business and Cybersecurity teams to develop and enforce cybersecurity policies, procedures and standards

• Serve as POC for incident response management; develop and maintain a comprehensive incident response plan for business users

• Manage cybersecurity risks associated with third-party vendors and service providers

• Drive adherence to third-party risk assessment process

• Assist in the development of metrics used to track value delivery

• Identify opportunities where conflicts/synergies/redundancies exist between business capabilities and systems to improve Cybersecurity effectiveness

• Liaise with other Cybersecurity, IT and product security stakeholders in project management, architecture and governance to ensure alignment and ensure a smooth integration of process output with the rest of the technology ecosystem

• Support geographic execution of Cyber awareness programs

• Accountable for delivering adequate business intelligence reporting capability to support the business

• Communicate on projects by issuing regular status updates and managing communication within team, business leadership and stakeholders.

• Work with colleagues and other stakeholders to enable timely resolution of remediation actions.

• Conduct daily monitoring of BitSight vulnerability findings, ensuring timely escalation to the appropriate teams as necessary to address and remediate security issues promptly.

• Provide strategic recommendations to enhance security processes, policies, and compliance efforts within a highly regulated industry.

• Cross-functional collaboration working closely with cybersecurity teams and other Stakeholders to track remediation efforts, address security gaps, and provide executive-level insights using advanced dashboards and reporting.

• Lead key initiatives related to BitSight, and other remediation efforts as needed, ensuring timely execution and delivery of security enhancements that align with the company’s strategic goals.

• Research domain ownership and points of contact, facilitating team coordination to track and remediate vulnerabilities, preventing potential security threats.

• Work with teams to establish clear objectives, metrics, and deadlines for all BitSight vulnerability management activities. Track progress against these goals and ensure timely completion of all tasks to meet organizational security standards and compliance requirements.

• Perform other duties as directed

What you need:

• Bachelor’s degree required

• Bachelor’s in Business Administration or Computer Information Systems preferred

• CISSP preferred

Qualifications & experience:

• Minimum of 8+ years of professional work experience required

• Knowledge (4+ years) of medical devices and/or pharmaceutical industry and basic knowledge of adjacent areas in terms of processes, organization, products and cybersecurity requirements

• Project management experience, working with internal and external cross-divisional team members, preferably with Cybersecurity projects

• Ability to work effectively in a matrix organization structure with significant emphasis on collaboration and persuasion, rather than relying entirely on command and control

• Strong communication skills with ability to communicate effectively with both divisional leaders and technical teams

• Strong presentation and track record of facilitating to various global audiences

• Strong analytical and problem-solving skills.

• Good business acumen and negotiation skills

• Strong organizational capabilities to manage multiple priorities.

• Must have strong customer service skills and focus along with excellent communication, interpersonal, and negation skills

• Strong analytical and organizational skills

• Driven to continually build knowledge and skills

• Able to build trusting relationships in and outside of the organization

• Versatility, flexibility, and a willingness to work within dynamically changing priorities with enthusiasm

• Excellent trainer and has experience with change management