At a Glance
- Tasks: Become the go-to advisor for cybersecurity and business operations, ensuring security aligns with goals.
- Company: Join Vattenfall, a leading European energy company with over 100 years of innovation and teamwork.
- Benefits: Enjoy competitive pay, flexible working options, and opportunities for personal and professional growth.
- Why this job: Make a real impact by embedding security in business processes and driving a culture of awareness.
- Qualifications: Bring your experience in information security and a proactive attitude to thrive in a dynamic environment.
- Other info: Diversity is key at Vattenfall; we celebrate unique perspectives and offer inclusive policies.
The predicted salary is between £43200 - £72000 per year.
Heat UK is a forward-thinking organization committed to innovation, resilience, and trust. As we continue to grow and evolve in a digital-first world, we are seeking a strategic and business-savvy Business Information Security Officer (BISO) to bridge the gap between cybersecurity and business operations. The BISO is expected to be adaptable and have the ability to implement the integration of cybersecurity into our IT and operational technology (OT) ecosystems.
As the BISO, you will serve as the primary liaison between the BA Customers & Solutions Security & Resilience team and business units, ensuring that information and cybersecurity strategies align with business goals. You will be responsible for embedding security into business processes, managing risk, and driving a culture of security awareness across the organization. The BISO will report directly to the Head of Business Excellence, with additional reporting to the Director of Asset Management on the OT topics.
Main tasks
- Act as the trusted information and cybersecurity advisor to management and stakeholders
- Establish, develop and implement the Security Management System in the BU Heat UK through translation of technical security requirements into business-aligned strategies.
- Identify, assess, and mitigate information security risks within Heat UK
- Work as part of the BA Customers & Solutions Security & Resilience team to implement policies, standards, and controls.
- Lead security risk assessments, audits, and compliance initiatives and promote security awareness and training programs tailored to business needs.
- Support business continuity planning and incident response, including participation in on-call duty in connection with security incidents
- Monitor and report on key security metrics and risk indicators.
- Identify, register and assess cyber risks across business processes, applications, and industrial systems and translate security policies into actionable controls for IT/OT environments.
- Drive cybersecurity awareness and training tailored to business and OT users.
- Ensure compliance with industry regulations (e.g. ISO/IEC 62443, GDPR, etc.).
Vattenfall is a European energy company with approximately 21 000 employees. For more than 100 years we have electrified industries, supplied energy to people's homes and modernised our way of living through innovation and cooperation. We are looking for talented individuals who, in addition to their passion for their own role, also have strong team spirit and want to contribute to supporting a meaningful corporate mission.
- Experience in the above topics, preferably in information security management systems and service level agreements with exposure to both IT and OT environments.
- A proactive work attitude, with the ability to take responsibility and keep focus on your goals.
- Knowledge of how to cooperate with others, to prioritize and to work under pressure.
- A critical attitude when necessary, and a willingness to talk to others about their professional responsibility.
- Very good communication and negotiation skills, also on a management level.
- Completed university studies, preferably in the fields of computer science, engineering or business informatics.
- Strong understanding of industrial control systems (ICS), SCADA, and business IT systems.
- Familiarity with cybersecurity frameworks (e.g., NIST CSF, ISO 27001, IEC 62443).
- Relevant certificates for proof of competence are an advantage: CISSP, GICSO, CRISC, CISM, CISA, ISO 27001 Lead Auditor/Implementer
- Good knowledge of the ISO 27000 series of standards
- Very good abstraction skills and pronounced skills in logical-analytical and informatic thinking
- Very good command of spoken and written English
- Willingness to travel, primarily within Europe
Our offer
Good remuneration, a challenging and international work environment, and the possibility to work with some of the best in the field. You will be working in interdisciplinary teams and you can always count on support from committed colleagues. We offer attractive employment conditions and opportunities for personal and professional development.
More Information
We welcome your application in English, no later than 24/08/2025. We kindly request that you do not send applications by any means other than via our website as we cannot guarantee that we will be able to process applications that are not made via our website.
For more information about the recruitment process you are welcome to contact our recruiter Adam Hammond via adam.hammond@vattenfall.com
Commitment to Diversity
Vattenfall is committed to promoting a diverse and inclusive community – a place where we can all be ourselves and succeed on merit. We offer a range of family friendly, inclusive employment policies, flexible working arrangements, staff engagement forums and services to support all our employees.
We are convinced that diversity contributes to building a more profitable and attractive company, and we strive to be a good role model regarding diversity. Vattenfall works actively for all employees to have the same opportunities and rights regardless of gender, ethnicity, age, transgender identity or expression, religion or other belief, disability or sexual orientation.
We look forward to receiving your application!
BISO and Data Information Manager employer: Vattenfall GmbH
Contact Detail:
Vattenfall GmbH Recruiting Team
StudySmarter Expert Advice
We think this is how you could land BISO and Data Information Manager
Tip Number 1
Familiarise yourself with the specific cybersecurity frameworks mentioned in the job description, such as NIST CSF and ISO 27001. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with the role.
Tip Number 2
Showcase your understanding of both IT and OT environments by preparing examples of how you've successfully integrated cybersecurity measures in past roles. This will highlight your adaptability and strategic thinking, which are crucial for the BISO position.
Tip Number 3
Prepare to discuss your experience with risk assessments and compliance initiatives. Be ready to share specific instances where you identified and mitigated risks, as this will illustrate your proactive work attitude and critical thinking skills.
Tip Number 4
Network with professionals in the cybersecurity field, especially those who have experience in energy or industrial sectors. Engaging with industry peers can provide valuable insights and potentially lead to referrals, increasing your chances of landing the job.
Some tips for your application
Understand the Role: Before you start writing your application, make sure you fully understand the responsibilities and qualifications required for the BISO and Data Information Manager position. Tailor your application to highlight how your skills and experiences align with these requirements.
Craft a Strong CV: Your CV should clearly outline your relevant experience in information security management, particularly in both IT and OT environments. Use bullet points to detail your achievements and responsibilities in previous roles, focusing on those that demonstrate your ability to manage risks and implement security strategies.
Write a Compelling Cover Letter: In your cover letter, express your enthusiasm for the role and the company. Highlight specific examples of how you've successfully integrated cybersecurity into business processes in the past. Make sure to mention your understanding of industry regulations and frameworks relevant to the position.
Proofread Your Application: Before submitting your application, take the time to proofread it carefully. Check for any spelling or grammatical errors, and ensure that all information is accurate and up-to-date. A polished application reflects your attention to detail and professionalism.
How to prepare for a job interview at Vattenfall GmbH
Understand the Role
Make sure you have a clear understanding of the BISO role and its responsibilities. Familiarise yourself with how cybersecurity integrates into business operations, especially in IT and OT environments. This will help you articulate your thoughts during the interview.
Showcase Relevant Experience
Prepare to discuss your previous experience in information security management systems and service level agreements. Highlight any specific projects or roles where you successfully bridged the gap between cybersecurity and business needs.
Demonstrate Communication Skills
As a BISO, you'll need excellent communication and negotiation skills. Be ready to provide examples of how you've effectively communicated complex security concepts to non-technical stakeholders or management in the past.
Prepare for Scenario-Based Questions
Expect scenario-based questions that assess your problem-solving abilities and critical thinking. Think about how you would handle specific cybersecurity risks or incidents, and be prepared to explain your thought process clearly.