Business Information Security Officers (BISOs) serve in a client-centric role supporting Foundever and exist to promote client satisfaction as part of the Global Security organization under the Business Information Security Office (BISO). Working with global enterprise clients, BISOs collaborate with the IT solutions team, business development and deal desk to ensure comprehensive security design in a pre-sales environment. The BISO is a critical resource to the legal team serving as the security subject matter expert on contractual language. The BISO partners with Security Engineering, Security Operations, Security Governance, Security Assurance, and Project Management Office (including Enterprise Change Management (ECM)) to oversee security matters during client implementations and changes. The BISO serves as an internal resource to the Operations team to support client security audits, client change requests, and other security related topics pertaining to Foundever’s clients. The BISO leads or collaborates directly with Physical Security teams within the region, ensuring client contractual obligations are met, regulatory requirements are addressed, and the security of our associates and clients is ensured. The regional role will oversee the security of sensitive information and projects, client or corporate related, and will advise in the security of the company’s infrastructure to meet client requirements.
This individual will need to be located and authorized to work within the LATAM region.
Job Responsibilities
- Respond to Requests for Proposals and contractual negotiations for security language, collaborating with Legal, Sales, Technology and IT Solutions on the design and language of these documents
- Provide the technical security response for internal and client audits
- Partner with fraud team to investigate incidents of fraud and respond to EthicsPoint incidents, communicating with the client on resolution of incidents
- Work with operations team to ensure physical security controls are in place and Site Security Questionnaires are completed
- Monitor and close CAPA items related to audit findings and SSQs
- Participate in Enterprise Change Management Reviews for client requested changes, ensuring security risks introduced to the environment from requested changes are minimized or reduced
- Present effectively and professionally in front of clients on a regular basis and negotiate with client’s security and risk organizations to achieve mutually agreeable security controls to protect both Foundever and the client’s data and systems
- Communicate effectively to provide internal and client-facing articles with regards to best practices or new frontiers in security
- Expert knowledge and experience in Information Security best practices (technical knowledge and demonstrated technical expertise)
- Ability to receive complex business and technical requirements, from multiple stakeholders, rapidly determine the appropriate security solution and guide the team to achieve the desired results
- Experience in large global environments spanning multiple time-zones
- Common Security Frameworks (ISO 27000 series, SSAE18, NIST SP 800 series, etc.)
- Privacy Frameworks (GDPR, HIPAA, PIPEDA, etc.)
- Payment Card Industry (PCI)
- Other industry and country security requirements as required to support clients in the region supported
- Ability to appropriately handle critical information and sensitive information
- Effectively use Microsoft Office products in communication delivery
- Effective organization and communications skills and proven ability to translate security and risk to all levels of the business
- Ability to effectively plan, delegate and/or supervise the work of other team members
- Ability to lead, motivate, develop and train other team members
- Must demonstrate a keen understanding of security as a business enabler, presenting ideas, expectations and information in a concise, constructive, and well-organized manner
- Strong analytical abilities, interpersonal skills, and the maturity & motivation to work effectively across international and culturally diverse project teams
- Effective project management skills, including the ability to plan, organize, prioritize, & balance multiple tasks and/or projects independently to ensure target dates & goals are achieved with minimal oversight
Skills and Qualifications
-
At least 5 years in technology, cybersecurity or risk governance roles interfacing with global clients on complex technology solutions or security consulting - this could be in technical account management, sales engineering or IT project management
-
Four-year degree or equivalent combination of education and experience
-
Provide support to the VP, Business Information Security to ensure security support to clients and Foundever locations from setup to closure including the support of business development activities where security discussions are requested or required, client security risk assessments, client contract security language reviews, client project implementation security due diligence, client security audit activities including presenting evidence and follow-up audit risk mitigation discussions
-
Work with global business support functions or departments to facilitate completion of RFP security questionnaires and reviews contract security language
-
Serve as a project implementation team member to conduct security due diligence and closure on client project implementation teams and participates in Enterprise Change Management process to review and approve client impacting and organizational changes
-
Advise and/or assist in conducting IT security risk assessments, reviews, investigations and risk management services throughout the company; provide security risk evaluation, audits, mitigation and solutions to projects and initiatives
-
Develop and implement strategies to balance security recommendation with business needs
-
Guide and consult on security related questions from solutions providers, developers, engineers, and leadership team
-
Provide guidance and consultation on corporate security initiatives
-
Define security strategies, policies and procedures as required and directed
-
Oversee and monitor vendor and third-party security reports/lists
-
Ensure coordination with IT to ensure assets are adequately secured to clients’ requirements
-
Provide oversight and management of Managers and Analysts assigned to the Regional Business Information Security Office
-
Engage and influence Foundever counterparts to improve processes for capabilities-based planning, resource allocation, and other strategic management processes used by Foundever leaders to make investment decisions
-
Work closely with global divisions to provide insight to current security issues and will be responsible for moderately complex research and trending to assist with analysis and ensure overall global security performance
-
Ensure BISO support is offered to clients and Foundever locations from a security standpoint, from setup to closure
-
Other security-related support functions as needed or assigned to the BISO Team by the VP Business Information Security or the Chief Security Officer
-
CISSP and/or CISM and/or CISA preferred, other industry standard security certification (GIAC, Security+)
- Fluency in English (C1 level minimum)
About Us
Foundever® is a global leader in the customer experience (CX) industry. With 150,000 associates across the globe, we’re the team behind the best experiences for +800 of the world’s leading and digital-first brands. Our innovative CX solutions, technology and expertise are designed to support operational needs for our clients and deliver a seamless experience to customers in the moments that matter.
-
#LI-MAM
#LI-Remote
#LI-LATAM
