At a Glance
- Tasks: Act as a key link between cybersecurity and regional business teams, advising on risks and strategies.
- Company: Join LS&Co., a diverse and inclusive company committed to collective success.
- Benefits: Enjoy a hybrid work model and a culture that values your unique background and experiences.
- Why this job: Make a real impact by embedding cybersecurity into business goals while fostering a security-conscious culture.
- Qualifications: Bachelor's degree in a related field and 6+ years of cybersecurity experience required.
- Other info: Relevant certifications like CISSP or CISM are a plus; embrace the challenge of AI security.
The predicted salary is between 43200 - 72000 £ per year.
JOB DESCRIPTION
ABOUT THE JOB
We're looking for a Business Information Security Officer (BISO), Europe, to join our team in London, reporting to the Senior Manager, Business Information Security Office and Strategy.
As the BISO for Europe, you'll play a key role as the bridge between our central cybersecurity function and the regional business teams. You'll work closely with regional leadership to understand business goals, embed cybersecurity, including AI-related risks, into operational strategies, and drive alignment between business and security objectives. You'll also lead efforts to identify and assess risks, advise on mitigation approaches, and foster a strong culture of security awareness across the region.
KEY RESPONSIBILITIES
Business Partnership & Advisory:
- Collaborate with regional business leaders and managers to serve as a trusted advisor on cybersecurity matters, including new areas like AI security.
- Develop an understanding of regional team goals and processes to communicate cyber risks in e-commerce, retail and wholesale business teams.
- Advise regional management on cybersecurity risk levels, posture, and the potential impact of threats.
- Support regional leadership by contributing to the cost-benefit analysis of information security programs.
- Partner with the Privacy team and legal counsel on several due diligence and data-related functions.
Risk Management & Governance:
- Support the implementation and management of regional third-party risk management activities, which includes performing third-party risk assessments.
- Experience with PCI compliance. Manage, lead, and conduct PCI assessment for the different countries in scope, partnering with app owners and payment gateway solutions.
- Help build the regional data loss prevention (DLP) program components and understand business impact.
- Advise on the implementation of corporate AI governance and security posture management for AI systems within the region.
- Ensure regional adherence to risk remediation protocols, tracking mitigation efforts and exceptions according to established frameworks and standards (NIST CSF, CIS, etc.).
- Help establish a clear path to communicate risk within supported businesses.
Communication & Culture:
- Constructively engage partners regarding cybersecurity issues and requirements. Maintain relationships with respective points of contact.
- Understand different cultures in the European regions and stay on top of changing and new regulatory requirements.
- Educate regional partners on cybersecurity-related matters, including data and operational risks and best practices, to increase awareness and foster a security-conscious culture.
- Participate in relevant cybersecurity and business-related councils or working groups.
- Facilitate communication between regional departments and central cybersecurity teams (e.g., security architects, engineers).
ABOUT YOU
- Bachelor's degree in Information Security, Computer Science, Engineering, or a related field.
- Experience engaging with and influencing multiple management levels regarding business-specific Information Security Risk briefing and reporting.
- Experience operating within the European regulatory landscape (e.g., GDPR).
- 6+ years of experience in cybersecurity, Network/Application security, IT risk management, or a similar role, with demonstrated experience in business partnering or liaison functions.
- Experience with cybersecurity principles, risk management frameworks (e.g., NIST CSF, CIS v8, PCI, etc.), and security technologies.
- Familiarity with AI concepts, AI-specific security risks, and AI governance frameworks (e.g., NIST AI RMF, EU AI Act principles). Experience with AI security posture management.
- Relevant certifications (e.g., CISSP, CISM, CRISC).
LS&Co. is an affirmative action and equal employment opportunity employer. We welcome and value people from diverse cultures, backgrounds, and experiences to make LS&Co. a collective success.
LOCATION
London, United Kingdom
FULL TIME/PART TIME
Full time
Current LS&Co Employees, apply via your Workday account.
Business Information Security Officer, Europe employer: Levi Strauss & Co.
Contact Detail:
Levi Strauss & Co. Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land Business Information Security Officer, Europe
✨Tip Number 1
Familiarise yourself with the specific cybersecurity frameworks mentioned in the job description, such as NIST CSF and PCI compliance. Understanding these frameworks will help you speak confidently about how they apply to the role during interviews.
✨Tip Number 2
Network with professionals in the cybersecurity field, especially those who have experience in business partnering roles. Engaging with industry peers can provide insights into the challenges faced in similar positions and may lead to valuable connections.
✨Tip Number 3
Stay updated on the latest trends and regulations in AI security, as this is a key focus for the role. Being knowledgeable about current events and advancements in AI governance will demonstrate your commitment and expertise during discussions.
✨Tip Number 4
Prepare to discuss your experience in risk management and how you've successfully communicated risks to various stakeholders. Highlighting your ability to bridge the gap between technical and non-technical teams will be crucial in this role.
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights relevant experience in cybersecurity, risk management, and business partnering. Use keywords from the job description to demonstrate your fit for the role.
Craft a Strong Cover Letter: In your cover letter, explain why you are passionate about cybersecurity and how your background aligns with the responsibilities of the Business Information Security Officer. Mention specific experiences that showcase your ability to advise on cybersecurity matters.
Showcase Relevant Certifications: If you have certifications like CISSP, CISM, or CRISC, make sure to mention them prominently in your application. These credentials can set you apart as a qualified candidate.
Demonstrate Cultural Awareness: Given the regional focus of the role, highlight any experience you have working in diverse cultural environments or with European regulatory frameworks. This will show your understanding of the complexities involved in the position.
How to prepare for a job interview at Levi Strauss & Co.
✨Understand the Role and Responsibilities
Make sure you have a clear understanding of the BISO role and its key responsibilities. Familiarise yourself with how this position acts as a bridge between cybersecurity and business teams, especially in relation to AI security risks.
✨Showcase Your Experience with Risk Management
Be prepared to discuss your experience with risk management frameworks like NIST CSF and CIS. Highlight specific examples where you've successfully identified and mitigated risks, particularly in a business context.
✨Demonstrate Cultural Awareness
Since the role involves working across different European regions, show that you understand the cultural nuances and regulatory requirements, such as GDPR. This will demonstrate your ability to engage effectively with diverse teams.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving skills in cybersecurity situations. Think about how you would advise regional leaders on cybersecurity risks and the potential impacts on their business objectives.