Business Security Officer

About Orange Business:

Orange Business is a leading network and digital integrator company with offices in 65 countries worldwide, and part of the Orange Group.

Digital Services, a business line of Orange Business is a newly created division within Orange Business. In Europe the business line consists of approximately 1500 people distributed across 10 countries. We are digital natives, with innovation at the core of our business, which makes us a reliable partner close to our customers. Our joint mission is to help innovate, drive and lead them in their digital transformation challenges and business strategies in key digital domains, including Cloud, Customer Experience, Digital Workspace and Data & AI. As an agile and fast-moving digital business partner, the business line offers trusted end-to-end solutions and products that help businesses in a wide range of industries in the private and public sector transform their operations, enhance customer experience, and drive growth.

With our digital expertise, we are a strategic partner of Orange Business objectives to be a leading network and digital integrator with our team as a key growth engine.

The team:

In Security, Governance and Compliance (SGC), we enable everyone in Digital Services Europe (DSE), Orange Business to perform business activities according to regulatory and certification standards as well as business requirements. Secure and compliant operations are an important element in the company reaching business goals, and SGC has close cooperation with both customers as well as the DSE delivery organization. Our work is aligned with the business strategy to ensure SGC is an integral part of driving innovation and keeping up with changing business needs.

We firmly believe that good security and compliance will be achieved through an engaged and competent workforce, using policies, processes, and tools to support our high commitment to security. We believe security and business deliveries are interlinked, which is why Business Security Officers (BSO) are organized in SGC to ensure a strong alignment and foundation in the security organization while supporting the business.

The BSO is organized in the Orange Business DSE security department, reporting to the Head of Security, and interacts closely with our customer delivery organizations, especially customer-appointed security representatives and/or their management. The BSO is also engaged when external regulatory bodies, external partners/auditors (for example on ISO certifications or Sikkerhetsloven), as agreed and authorized by customer and customer delivery teams, and our internal Service Managers and Business Managers.

The position:

As BSO you will work as a liaison for our Norwegian based customers, bridging the gap between the customer, the customer delivery team in Orange Business, and other delivery units such as CyberSOC, Operations Center and Data Center. This role is typically provided to customers with high security awareness and specific requirements that must ensure compliance with different information security standards or frameworks.

Your job will be to remain up to date on customer needs and ensure that Orange Business continues to design and operate our services in alignment with the security and privacy requirements. The BSO will also ensure ongoing reporting on security, risk, and compliance, both internally to the Group CISO, as well as towards the customers. You will act as a partner for your customers, providing advice, assessments and guidance on their security development to ensure continuous, robust, and secure delivery.

Additionally, you will assist the Group CISO and Orange Business to comply with laws and regulations, such as NIS2, DORA, PCI-DSS and GDPR in each country of operation (in collaboration with the Data Protection Officer and the Group CISO), National/EU Security Act, etc.

Your key areas of responsibility as Business Security Officer:

• Meetings with customers, Group CISO and participate in internal/customer security forums, on a regular basis to convene and discuss security topics.
• Put together and present a monthly security situation report for the customer environment and analyze and respond to activities accordingly.
• Understand and advise on the customer’s risks from a compliance perspective.
• Provide input towards compliance work in accordance with ISO 27001, SOC2, NIS2, DORA, PCI-DSS and GDPR to enhance proactive security measures, identify and reduce risks
• Create or assist in creating customer specific deliveries, procedures and routines, and make sure they are in line and up to date with our policies, laws and regulations 
• Take a lead in conducting security exercises, aiming to test and improve the cooperation between our customers and Orange Business
• Assist customers and customer teams in planning and executing disaster and continuity exercises, audits, and change/architecture forums
• Build and maintain security and privacy awareness as well as provide guidance to our customer teams
• Represent SGC in customer monthly security forums

As an ideal candidate you must have:

• Documented high school or college degree in IT, Information Security, Law, or equivalent competence through work experience
• Minimum 3 years' experience in a relevant position within Information- or IT-security
• Strong focus on service and delivery towards customers
• Ability to take ownership to find solutions to customer queries and problems
• Documented competence of EU IT regulations and customer experience within the area
• Excellent communication skills in Norwegian and English, with an ability to meet customers at their respective levels
• Willingness and possibility to get security cleared to level H as per the Norwegian Security Act (Sikkerhetsloven)

It is not a requirement, but other preferred qualifications would be:

• Experience in auditing, security architecture, or AI development
• Certifications ex. CISSP, CCSP, CompTIA Security+, ISACA, other certifications by SANS or ISC
• Competence in Risk Management, Helsenormen or Sikkerhetsloven

What we offer you:

• Hybrid ways of working with access to our modern & collaborative office in Oslo
• We may work with tomorrow’s technology, but at our core we are a people-oriented organization and we are proud to have our Great Place to Work certification
• An open and inclusive culture, that enables us to reach our full potential
• A community of experts - as Digital Natives, we put innovation at the heart of our expertise
• Read more about the benefits we offer here.

The process:
We screen applications on an ongoing basis, with the aim of conducting conversations and interviews as we receive them.

Interested but feel that you don´t match the criteria 100%? We encourage you to apply anyway! We believe in the potential of diverse skill sets, perspectives and individuality. We want to encourage everyone to be their authentic selves and your unique capabilities may align perfectly with our team's needs! Your perfect match might be the next job we are announcing, so why not have a head start and apply now!

Are you interested to read more about Orange Business? Visit our Website or follow our LinkedIn account.