Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Lead cybersecurity initiatives and embed security into business processes.
- Company: Join Vattenfall, a pioneering European energy company with over 100 years of innovation.
- Benefits: Enjoy competitive pay, flexible working options, and opportunities for personal growth.
- Why this job: Be part of a mission-driven team that values diversity and collaboration in a digital-first world.
- Qualifications: Experience in information security management and strong communication skills are essential.
- Other info: Applications must be submitted via our website by 24/08/2025.
The predicted salary is between 43200 - 72000 Β£ per year.
Heat UK is a forward-thinking organization committed to innovation, resilience, and trust. As we continue to grow and evolve in a digital-first world, we are seeking a strategic and business-savvy Business Information Security Officer (BISO) to bridge the gap between cybersecurity and business operations. The BISO is expected to be adaptable and have the ability to implement the integration of cybersecurity into our IT and operational technology (OT) ecosystems.
As the BISO, you will serve as the primary liaison between the BA Customers & Solutions Security & Resilience team and business units, ensuring that information and cybersecurity strategies align with business goals. You will be responsible for embedding security into business processes, managing risk, and driving a culture of security awareness across the organization. The BISO will report directly to the Head of Business Excellence, with additional reporting to the Director of Asset Management on the OT topics.
Main tasks
- Act as the trusted information and cybersecurity advisor to management and stakeholders
- Establishing, developing and implementing the Security Management System in the BU Heat UK through translation of technical security requirements into business-aligned strategies.
- Identify, assess, and mitigate information security risks within Heat UK
- Work as part of the BA Customers & Solutions Security & Resilience team to implement policies, standards, and controls.
- Lead security risk assessments, audits, and compliance initiatives and promote security awareness and training programs tailored to business needs.
- Support business continuity planning and incident response, including participation in on-call duty in connection with security incidents
- Monitor and report on key security metrics and risk indicators.
- Identify, register and assess cyber risks across business processes, applications, and industrial systems and translate security policies into actionable controls for IT/OT environments.
- Drive cybersecurity awareness and training tailored to business and OT users.
- Ensure compliance with industry regulations (e.g. ISO/IEC 62443, GDPR, etc).
Company Description
Vattenfall is a European energy company with approximately 21 000 employees. For more than 100 years we have electrified industries, supplied energy to peopleβs homes and modernised our way of living through innovation and cooperation. We are looking for talented individuals who, in addition to their passion for their own role, also have strong team spirit and want to contribute to supporting a meaningful corporate mission.
Qualifications
- Experience in the above topics, preferably in information security management systems and service level agreements with exposure to both IT and OT environments.
- A proactive work attitude. Able to take responsibility and to keep focus on your goals
- Knowledge on how to cooperate with others, to prioritize and to work under pressure.
- A critical attitude when necessary and will talk to others about their professional responsibility.
- Very good communication and negotiation skills, also on a management level.
- Completed university studies, preferably in the fields of computer science, engineering or business informatics.
- Strong understanding of industrial control systems (ICS), SCADA, and business IT systems.
- Familiarity with cybersecurity frameworks (e.g., NIST CSF, ISO 27001, IEC 62443).
- Relevant certificates for proof of competence are an advantage: CISSP, GICSO, CRISC CISM, CISA, ISO 27001 Lead Auditor/Implementer
- Good knowledge of the ISO 27000 series of standards
- Very good abstraction skills and pronounced skills in logical-analytical and informatic thinking
- Very good command of spoken and written English
- Willingness to travel, primarily within Europe
Additional Information
Our offer
Good remuneration, a challenging and international work environment, and the possibility to work with some of the best in the field. You will be working in interdisciplinary teams and you can always count on support from committed colleagues. We offer attractive employment conditions and opportunities for personal and professional development.
More Information
We welcome your application in English, no later than 24/08/2025. We kindly request that you do not send applications by any means other than via our website as we cannot guarantee that we will be able to process applications that are not made via our website.
For more information about the recruitment process you are welcome to contact our recruiter Adam Hammond via
Commitment to Diversity
Vattenfall is committed to promoting a diverse and inclusive community – a place where we can all be ourselves and succeed on merit. We offer a range of family friendly, inclusive employment policies, flexible working arrangements, staff engagement forums and services to support all our employees.
We are convinced that diversity contributes to build a more profitable and attractive company and we strive to be good role model regarding diversity. Vattenfall works actively for all employees to have the same opportunities and rights regardless of gender, ethnicity, age, transgender identity or expression, religion or other belief, disability or sexual orientation.
We look forward to receiving your application!
#J-18808-Ljbffr
BISO and Data Information Manager employer: Vattenfall GmbH
Contact Detail:
Vattenfall GmbH Recruiting Team
StudySmarter Expert Advice π€«
We think this is how you could land BISO and Data Information Manager
β¨Tip Number 1
Familiarise yourself with the specific cybersecurity frameworks mentioned in the job description, such as NIST CSF and ISO 27001. Being able to discuss these frameworks in detail during your interview will demonstrate your expertise and alignment with the role.
β¨Tip Number 2
Showcase your experience with both IT and OT environments by preparing examples of how you've successfully integrated cybersecurity into business processes. This will highlight your ability to bridge the gap between technical requirements and business goals.
β¨Tip Number 3
Prepare to discuss your approach to risk management and security awareness training. Think of specific strategies youβve implemented in previous roles that could be adapted to Heat UK's needs, as this will illustrate your proactive work attitude.
β¨Tip Number 4
Network with professionals in the cybersecurity field, especially those who have experience in energy or industrial sectors. Engaging with industry peers can provide insights and potentially valuable connections that may help you stand out during the hiring process.
We think you need these skills to ace BISO and Data Information Manager
Some tips for your application π«‘
Understand the Role: Before you start writing your application, make sure you fully understand the responsibilities and qualifications required for the BISO and Data Information Manager position. Tailor your application to highlight how your skills and experiences align with these requirements.
Craft a Strong CV: Your CV should clearly outline your relevant experience in information security management systems, IT and OT environments, and any certifications you hold. Use bullet points to make it easy to read and ensure that your achievements are quantifiable where possible.
Write a Compelling Cover Letter: In your cover letter, express your passion for cybersecurity and how you can contribute to Heat UK's mission. Mention specific examples of past experiences where you successfully implemented security strategies or managed risks, demonstrating your proactive work attitude.
Proofread Your Application: Before submitting, carefully proofread your application for any spelling or grammatical errors. A polished application reflects your attention to detail and professionalism, which are crucial for the role of a Business Information Security Officer.
How to prepare for a job interview at Vattenfall GmbH
β¨Understand the Role
Make sure you have a solid grasp of what the BISO role entails. Familiarise yourself with the key responsibilities, such as bridging cybersecurity and business operations, and be ready to discuss how your experience aligns with these tasks.
β¨Showcase Your Technical Knowledge
Be prepared to discuss your understanding of cybersecurity frameworks like NIST CSF and ISO 27001. Highlight any relevant certifications you hold, such as CISSP or CISM, and how they apply to the role.
β¨Demonstrate Communication Skills
As a BISO, you'll need to liaise with various stakeholders. Practice articulating complex technical concepts in simple terms, and prepare examples of how you've successfully communicated with management or cross-functional teams in the past.
β¨Prepare for Scenario-Based Questions
Expect questions that assess your problem-solving skills in real-world situations. Think of examples where you've identified and mitigated security risks or led compliance initiatives, and be ready to explain your thought process.
