Business Information Security Officer

Overview:

If you’re looking for a high-energy, inclusive atmosphere and a company that understands the importance of work/life balance, Commonwealth is your match! From generous bonus and 401(k) programs to tuition reimbursement and flexible work schedules, Commonwealth is focused on helping its employees thrive in an environment suited to their needs. On top of all that, the information security department offers a hybrid work schedule, so you’ll be able to work from home for part of the week!

We’re looking for a business information security officer to join our ranks. This is a new role within the Information Security team who have recently transformed to new ways of working. We are looking for an experienced Business Information Security Officer with good information security knowledge and high impact leadership skills. This is a great opportunity to help build a high performing team in the finance industry.

Key Responsibilities 

• Understanding business needs to create innovative outcomes to problems and lead teams to exceed business stakeholder expectations
• Acting as an Information Security Architect who helps business understand cyber-risks and liaise with IT teams to augment security to solutions strategy
• Engaging the security leadership team to influence short-term deliverables and long-term strategies driven by the voice of the business to deliver value to customers in safe, secure manner
• Performing security risk assessments to reduce business risk and determine appropriate actions that align with businesses risk appetite
• Establishing mechanisms to integrate with GRC to manage and communicate security risks clearly and consistently
• Managing resources and budgets to deliver business and IT programs based on prioritized expectations established with program sponsors.
• Engaging business and IT programs to ensure key security controls are in place for safe, secure delivery
• Establishing the business information security office as the single point of contact for business and IT engagement
• Managing the security support (Front Door) team with a focus on improving internal customer feedback
• Continuously seeking opportunities to improve security engagement with the business, delivery of security services, solutions, support, and value
• Communicating business feedback and requirements to security’s architecture and engineering teams to incorporate into strategy and planning
• Identifying cross-work stream dependencies; coordinating and collaborating with various teams
• Developing and supporting long-term strategy and technology roadmap to align with risk mitigation and capability gaps
• Supporting cross-functional teams to investigate, analyze, and make recommendations to leadership on current strategy or operational issues
• Participating in development of organization cyber scorecards to identify business strengths, weaknesses and opportunities
• Collaborating with InfoSec Architecture and Engineering teams to liaise security control implementation, ensure business timelines are adhered to and provide assurance with regards to the control implementation

Core Strengths and Skills

• Bachelor’s degree in information systems, engineering, or a related discipline (Or equivalent training)
• 8+ years’ experience with leadership positions managing executive and business stakeholders
• 10+ years’ cyber security experience  cyber security
• Adept at working with users and groups at all levels to establish relationships and obtain requirements
• A critical thinker with an analytical mind-set and adept at evaluating opportunities to reach goals
• An agile mindset with experience using agile frameworks
• Knowledge of security frameworks and controls associated with mitigating cyber security risks
• Experience with requirements analysis and strategic planning in a multi-platform environment
• Strong consulting skills with excellent communication and collaboration skills

Additional desirable Skills:

• Security leadership training and certification
• CISSP, SABSA, and CISA preferred
• Understanding best practices, control frameworks, and applicable existing and new legal/regulatory requirements (SEC S-P Rule, FINRA cybersecurity recommendations, data privacy and breach notification laws, ISO 27001, NIST CSF and SP 800-53, CIS, CSA CCM, PCI DSS, etc.)

Have we piqued your curiosity? Can you see yourself thriving in this opportunity? 

Picture Yourself Here  

At Commonwealth, we believe in a better world. We hold ourselves and each other to higher standards. We take care of one another. That’s why we invest in you—we encourage employee growth both in your career and education; we are building out a robust diversity, equity, and inclusion program; we offer incredible healthcare benefits; and we find plenty of occasions to celebrate. What’s not to love? 

We are always striving to be better, and we are looking for employees who share that same mindset. Better people, better coworkers, better leaders, better creators. Bring your best work and your full self to the table, and we will do the same. Together, we can build a better future for our advisors, their clients, our company, and you. 

About Commonwealth  

Commonwealth Financial Network, Member FINRA/SIPC, a Registered Investment Adviser, provides a suite of business solutions that empowers more than 2,000 independent financial advisors nationwide. Privately held since 1979, the firm has headquarters in Waltham, Massachusetts, and San Diego, California.  

Turning our advisors into raving fans starts by doing the same for our employees. We foster an environment of excellence, growth, rewards, and fun in equal measure, which has earned us 44 Best Place to Work awards.   

The Fine Print  

We care about your online safety as a prospective employee and encourage you to exercise caution when responding to job postings online. Commonwealth will never ask potential hiring candidates to pay or transfer funds as a precondition of interviews or employment, nor will we authorize recruiters or agents to do so on our behalf.  

Commonwealth is an equal opportunity employer, making intentional efforts to source talent from all backgrounds.