Business Information Security Officer, Europe

Social network you want to login/join with: Business Information Security Officer, Europe, London col-narrow-left Client: Location: London, United Kingdom Job Category: Other – EU work permit required: Yes col-narrow-right Job Reference: 01c645f8e143 Job Views: 7 Posted: 05.05.2025 Expiry Date: 19.06.2025 col-wide Job Description: JOB DESCRIPTION ABOUT THE JOB We’re looking for a Business Information Security Officer (BISO), Europe to join our team in London, reporting to the Senior Manager, Business Information Security Office and Strategy. As the BISO for Europe, you’ll play a key role as the bridge between our central cybersecurity function and the regional business teams. You’ll work closely with regional leadership to understand business goals, embed cybersecurity—including AI-related risks—into operational strategies, and drive alignment between business and security objectives. You’ll also lead efforts to identify and assess risks, advise on mitigation approaches, and foster a strong culture of security awareness across the region. KEY RESPONSIBILITIES Business Partnership & Advisory: Collaborate with regional business leaders and managers to serve as a trusted advisor on cybersecurity matters, including new areas like AI security. Develop an understanding of regional team goals and processes to communicate cyber risks in e-commerce, retail, and wholesale business teams. Advise regional management on cybersecurity risk levels, posture, and the potential impact of threats. Support regional leadership by contributing to the cost-benefit analysis of information security programs. Partner with Privacy team and legal counsel on due diligence and data-related functions. Support the implementation and management of regional third-party risk management activities, including performing third-party risk assessments. Experience with PCI compliance. Manage, lead, and conduct PCI assessments for different countries, collaborating with app owners and payment gateways. Help build the regional data loss prevention (DLP) program components and understand the business impact. Advise on the implementation of corporate AI governance and security posture management for AI systems within the region. Ensure regional adherence to risk remediation protocols, tracking mitigation efforts and exceptions according to established frameworks and standards (e.g., NIST CSF, CIS). Communication & Culture: Engage constructively with partners regarding cybersecurity issues and requirements. Maintain relationships with respective points of contact. Understand different cultures in the European regions and stay updated on changing regulatory requirements. Educate regional partners on cybersecurity-related matters, including data and operational risks, to increase awareness and foster a security-conscious culture. Participate in relevant cybersecurity and business councils or working groups. Facilitate communication between regional departments and central cybersecurity teams. ABOUT YOU Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field. Experience engaging with and influencing management levels regarding business-specific Information Security Risk briefing and reporting. Experience operating within the European regulatory landscape (e.g., GDPR). 6+ years of experience in cybersecurity, network/application security, IT risk management, or similar roles, with demonstrated business partnering experience. Knowledge of cybersecurity principles, risk management frameworks (e.g., NIST CSF, CIS v8, PCI), and security technologies. Familiarity with AI concepts, AI-specific security risks, and AI governance frameworks (e.g., NIST AI RMF, EU AI Act principles). Experience with AI security posture management. #J-18808-Ljbffr