Business Information Security Officer in London

We are searching for an experienced Business Information Security Officer. The Line of Business, Business Information Security Officer (BISO) supports the integration of cyber security practices within RSM's Lines of Business. This role acts as a conduit between business teams and the central cyber security function, communicating and embedding security requirements, and ensuring secure delivery of projects and services.

Responsibilities include assessing and managing risks, ensuring compliance with relevant regulations and standards, aligning cyber strategy and Lines of Business strategy, and promoting a culture of security integration and awareness. This is an ideal role for someone experienced in cyber security, risk and compliance who has experience working with senior stakeholders and delivering business-facing security work.

• Manage and maintain the Information Security Management System (ISMS), including development and upkeep of security policies, standards, procedures, and compliance with frameworks such as ISO 27001 and Cyber Essentials Plus.
• Partner with Lines of Business leadership and operational teams to align cyber and business requirements, embed security into operating models, and support projects, new initiatives, and technology solutions.
• Identify, assess, and manage cyber risks through risk assessments, internal audits, and ongoing evaluation of security controls and vulnerabilities.
• Act as the primary information security contact for the Lines of Business, providing guidance, coordinating with the central security team, and supporting client and supplier assurance activities.
• Monitor, report, and communicate security risks, compliance status, and emerging threats, providing regular updates to senior management and staying current with industry trends and innovations.

What we are looking for: Are you someone who thrives on variety, loves learning new things, and enjoys connecting with people? If you can spot inefficiencies in everyday life and are passionate about making improvements, this role is perfect for you! We value diverse experiences and perspectives. Here are the key qualifications:

• 5-10 years of experience implementing, managing, and maintaining information security controls, including ISMS administration and maintaining ISO 27001 and Cyber Essentials+ certifications.
• Proven ability to embed cyber security into business services, working closely with operational teams to integrate controls into operating models and processes.
• Experience collaborating with digital operations and application development teams to incorporate security across delivery lifecycles and enable secure innovation.
• Strong stakeholder management, communication, and interpersonal skills, with the ability to influence, provide constructive feedback, and engage at both senior and operational levels.
• Highly organised, analytical, and proactive team player with strong investigative skills and a commitment to continuous personal and team development.

What we can offer you: We recognise that our people are our most important assets. That's why we offer a flexible reward and benefits package that will help you have a fulfilling experience, both in and out of work.

• Hybrid and Flexible working
• 26 Days Holiday (with the option of purchasing additional days)
• Lifestyle, Health and Wellbeing including financial wellbeing benefits such as financial tools, electric car scheme and access to a virtual GP
• Access to a suite of 300+ courses on demand developed by our in‑house Talent Development team

Permanent Location: London Department: Technology & Digital Advisory