Business Information Security Officer
Jobtome
We are HCLTech, one of the world's largest and fastest growing technology and DSA companies with over 227,000 professionals across 60 countries, driving progress through industry-leading capabilities focused on Digital, Engineering and Cloud.
The driving force behind this work, our people, is a diverse, creative and passionate audience that enables us to continually raise the bar for excellence in our services. We strive to empower each of our professionals to achieve their best, while also striving to help them find their daily inspiration and become the best version of themselves.
Job Title: Business Information Security Officer (BISO / BSO)
Role Summary
The Business Information Security Officer (BISO/BSO) serves as the primary security liaison between the business, enterprise security, and GRC functions. The role ensures that information security risks are appropriately identified, assessed by accountable teams (e.G., GRC, vendor risk, compliance), clearly communicated to business stakeholders, and effectively acted upon.
The BISO enables secure-by-design execution across business initiatives while ensuring alignment with enterprise security frameworks and regulatory requirements such as ISO 27001, SOC 2, NIST, and FedRAMP.
Key Responsibilities
1. Secure-by-Design Advisory & Consulting
Act as a trusted security advisor to business and delivery teams, embedding security-by-design principles into initiatives from early design stages.
Translate enterprise security standards and regulatory requirements (ISO 27001, SOC 2, NIST, FedRAMP) into actionable guidance and security user stories.
Collaborate with architecture, engineering, and security teams to ensure security requirements are understood and incorporated into solution design.
2. SDLC Security Enablement (Coordination Role)
Ensure security requirements are integrated into SDLC processes for in-scope applications.
Coordinate with GRC, application security, and engineering teams to ensure security assessments, control validation, and remediation activities are executed.
Track security findings and ensure remediation plans are clearly understood and actioned by delivery teams.
3. Third-Party Risk & Due Diligence Coordination
Act as the business-facing liaison for third-party risk management activities conducted by GRC and vendor risk teams.
Ensure due diligence requests are completed by relevant stakeholders and that outcomes are communicated in business terms.
Facilitate business understanding of vendor risk posture and support informed risk decisions.
4. Divestiture / Transformation Support (Orthopedic Programs)
Support security activities for orthopedic divestiture and transformation initiatives.
Coordinate across IT, GRC, security, and business teams to ensure security requirements are addressed during transition planning and execution.
Ensure alignment with enterprise security frameworks and regulatory obligations throughout the transformation lifecycle.
5. Physical Site Security Coordination
Support physical security assessments for scoped orthopedic sites conducted by appropriate security teams.
Ensure findings, gaps, and remediation actions are clearly communicated to business and site leadership.
Track remediation progress and support closure of identified risks.
6. Risk Governance, Communication & Collaboration
Facilitate security risk acknowledgement and decision-making discussions between GRC and business stakeholders.
Ensure risks, control gaps, and mitigation plans are clearly understood and appropriately documented.
Enable risk acceptance processes by ensuring business stakeholders are informed and aligned.
Collaborate across multiple teams (GRC, IT, engineering, legal, compliance, and business units) to ensure coordinated security outcomes.
Key Deliverables
Security-by-design guidance aligned to ISO 27001, SOC 2, NIST, and FedRAMP frameworks
Coordinated tracking of SDLC security activities and remediation status
Third-party risk communication summaries (from GRC outputs)
Divestiture security coordination artifacts and transition support documentation
Physical site assessment coordination reports and action tracking
Risk acknowledgement and acceptance documentation
Executive-level security status reporting for business stakeholders
Core Competencies
Strong understanding of enterprise security frameworks: ISO 27001, SOC 2, NIST, FedRAMP
Excellent stakeholder management and cross-functional collaboration skills
Ability to translate technical risk into business impact and decision-ready language
Strong coordination
Equality & Opportunity for All
Representing 165 nationalities worldwide, we are proud to be an equal opportunity employer committed to providing equal employment opportunities to all applicants and employees without regard to race, religion, sex, color, age, national origin, pregnancy, sexual orientation, disability or genetic information, or any other protected classification, in accordance with federal, state and/or local laws
At HCLTech, we don't just offer jobs — we offer journeys. Join a global team where your work drives innovation, your ideas matter, and your growth is supported every step of the way.
Why Choose HCLTech?
- Be part of a purpose-led organization with a global footprint
- Collaborate with diverse teams across borders
- Work on cutting-edge technologies in enterprise integration
- Enjoy career mobility, continuous learning, and a culture of inclusion
Ready to #FindYourSpark and be part of a team that's #SuperchargingProgress?
Apply now or reach out to learn more about this exciting opportunity!
- ...Requisition ID: 453238 Work Area: Information Technology Expected Travel: 0 - 10% Career... ...ROLE Our mission of the SAP Global Security and Cloud Compliance (SGSC) organization... ...providing significant value to our business stakeholders. You'll be part of an international...
- ...Development Architect to join SAP’s Business Data Cloud Technology Office — a central team driving the future... ..., while understanding governance, security, and compliance implications. Knowledge... ...Our mission is to unlock the full information value chain—enabling customers to...
- ...automations. This role bridges the gap between business operations and technology. You will act... ...databases and ensure data integrity as information flows between the CRM, ERP, and operational software. IT Administration & Security Administer core software platforms and...
- ...acesso de usuários. Análise e troubleshooting em problemas de autorização. Documentação de conceitos de autorização (existentes), informações relacionadas ao projeto, incluindo configurações de autorização, resultados de testes e marcos do projeto. Suporte aos testes de...
- ...autorização; Documentação de conceitos de autorização (existentes), informações relacionadas ao projeto, incluindo configurações de... ...materiais de treinamento para usuários finais. Cargo: Analista SAP / Security Authorization Tipo de Contrato: CLT (Efetivo) Área...
- ...recentes ameaças e avanços em cibersegurança e compartilhar essas informações com a equipe. Atividades adicionais:Participação em exercícios... ...interromper ameaças. Escalonamento para a Gestão de Cyber Security com base na avaliação de impacto. Formação Acadêmica: Não...
- ...scripts to extract, analyze, validate, reconcile, and report on business data. Strong data validation, reconciliation, and root cause... ...confer encesExposure to work in an IT environment that adheres to rigorous security and compliance standards defined by IS O/SOC
- Responsabilidades e Atribuições Efetuar detalhamento de projeto na sua especialidade de processos, conforme normas e padrões vigentes; Realizar levantamento de campo e de documentação técnica; Atualizar, revisar e elaborar documentação técnica pertinente para ...
- ...the P&L About the Role: We are looking for a detail-oriented Business Analyst to support evaluation and annotation workflows focused... ..., accuracy, and relevance. Conduct fact-checking to validate information and identify inconsistencies or inaccuracies. Provide detailed...
- ...About the Company Fraud Deflect helps businesses make better decisions around fraud, chargebacks, disputes, alerts, and operational performance. We work with high-volume operational data and need clear, trusted reporting that helps teams move quickly and make better...
- ...About Us: Temu is seeking a highly motivated and experienced Business Development Managerto join our team. As a rapidly growing company, we are looking for talented individuals committed to helping us achieve our goals. In this role, you will have the opportunity to...
- ...dashboards, and generate reports, but often lack the structured thinking to turn those outputs into decisions that actually change the business. This role exists to close that gap. Responsibilities: Diagnosing drivers of customer satisfaction, loyalty, and operational...
- ...Summary We are a family-owned business group overseeing a... ...providers , including medical offices, travel partners, production... ...entities, ensuring documents are secure, accessible, and well categorized... ...judgment with sensitive information ~ Reliable high-speed internet...
- A Brunel está apoiando uma consultoria de dados na busca por um(a) Desenvolvedor(a) de BI Pleno para atuar na construção e evolução de soluções analíticas, com forte ênfase em engenharia de dados. A atuação envolve contato frequente com interlocutores internacionais, ...
- ...position as a trusted, intelligent trading platform. Our current vacancy | Full-time | Long-term | REMOTE Responsibilities Formulate business development plans, assist the team in completing the introduction, negotiation, cooperation, and signing of business cooperation...
- ...CFDs, ETFs, indices, commodities, or other multi-asset trading products - Strong partner network and proven track record of driving business growth - Excellent communication and stakeholder management skills - Proficiency in English and local languages is essential...
- ...We are open to candidates who do not have a Bachelor's degree but have experience in the area. Experience writing professionally (business analysts, research analyst, copywriter, journalist, technical writer, editor, translator, etc.) Understanding of Excel and Google...
- Oi! Na Bizneo somos uma das maiores plataformas de HR Tech da Europa e LATAM, com mais de 30 módulos de software para gestão de pessoas :) Estamos buscando reforços para o time comercial no Brasil: alguém que curta o jogo da prospecção, entenda rápido um produto complexo...
- ...Technical Business Analyst – FIX Protocol / Trading Applications We are looking for a Technical Business Analyst with strong experience in FIX Protocol and trading applications to support technology initiatives within a global financial services environment....
- ...on connection, creativity, and impact. Position title: SAP Business Data Cloud iXp Intern – Fullstack Developer Location: São Leopoldo... ...program in Computer Science, Software Engineering, Information Systems, or a related field, with graduation expected in approximately...
- JOB DESCRIPTION Nossa matriz está buscando um(a) Business Development Representative (BDR) para compôr o time de Vendas da V4 Company... ...em técnicas de vendas como SPIN Selling e BANT. ADDITIONAL INFORMATION O que mais oferecemos: Ambiente vibrante, cheio de pessoas...
- ...working around the world, from our offices and remotely, to help us... ...with teams across the business to create a people-first environment... ...of local income tax, social security, pension, statutory leaves, and... ...or personal financial information during the hiring proce ss...
- ...succeed. Important information: This is a hybrid role based out of SAP Sao Leopoldo office, working in-office with the... ...to access their data assets securely and efficiently. Your work... ...travel and expense data for business intelligence and decision-making...
- ...CloudSEK, one of India’s most trusted Cyber security product companies, is on a mission to... ...and retention. Conduct Quarterly Business Reviews (QBRs) and Annual Business Reviews... ...snacks and drinks are all available while at office. And, the finest part is yet to come!...
- ...design, troubleshooting (RSoP, gpresult), security baselines, WMI filtering. ~ IIS at... ...spoken. Reliable, distraction-free home office with stable broadband (100 Mbps+... ...: You will operate aligned to New York business hours (08:30–17:30 ET). Typical Brazil hours...
- ...necessary to set up fields, profiles, roles, security & other configurations Investigate bugs... ...dashboards to support the delivery of business key metrics. Contribute and prepare... ...sexual orientation, disability or genetic information, or any other protected classification,...
- ...this role they will be supporting utility business processes such as billing, customer... ...solutions align with SAP best practices, security standards, and long-term platform roadmaps... ...national origin, disability status, genetic information, protected veteran status, or any other...
- ...people working around the world, from our offices and remotely, to help us achieve our... ...fintech ~ Familiarity with regulatory and security requirements in Brazil, including... ...such as engineering, computer science, or information systems ~ Great organisational and time...
- ...findings, how to resolve issues, how to meet technical/business requirements, and ultimately how to communicate solutions... ...ChangeMan, MXG, PKZIP, Syncsort, APM, OPSMVS, ESP MS Office Suite and VISIO QWS3270 Secure SFTP Linux Red Hat; WinSCP; MobaXterm; BASH; Linux security...
- ...network issues and minimizing impact on business operati ons. Supervise routine maintenance... ...network performance, reliability, and security, leveraging data and analytics to drive... ...Bachelor's degree in Computer Science, Information Technology, or a related fieldLanguage(s...
Deseja receber mais vagas?
Assine e receba vagas semelhantes a Business Information Security Officer. Seja o primeiro a se candidatar!
