Cyber Security Business Information Officer (BISO)

TL;DR

Cyber Security Business Information Officer (BISO) (Cybersecurity): Bridging business strategy and enterprise cybersecurity to deliver measurable security outcomes with an accent on risk management and secure-by-design practices. Focus on embedding security into product development, governing cyber risks, and translating technical risks into business-relevant language.

Location: Oxford Nielsen House (Onsite)

Company

A global leader in information and analytics providing science and health solutions to researchers and healthcare professionals.

What you will do

• Act as the primary security partner for assigned business units, building trusted senior stakeholder relationships.
• Embed security early into business initiatives, product development, and technology delivery.
• Oversee security assessments, including vulnerability management, penetration testing, and third-party risk.
• Translate technical security findings into prioritized, actionable remediation plans.
• Identify, document, and govern cyber risks while supporting risk acceptance and escalation processes.
• Provide security input into solution architecture and major technology decisions.

Requirements

• Several years of experience in a BISO or senior security leadership/advisory role.
• Strong cloud and application security experience (AWS, Azure, GCP) and knowledge of secure SDLC.
• Hands-on knowledge of security tooling such as SIEM, SOAR, EDR/XDR, CSPM, and SAST/DAST.
• Experience embedding security into CI/CD pipelines and DevSecOps practices.
• Working knowledge of security frameworks and regulations (NIST, ISO 27001, CIS, GDPR).
• Bachelor's degree in Engineering, Computer Science, or equivalent, with certifications like CISSP, CISM, or GIAC.

Culture & Benefits

• Access to country-specific benefits tailored to the employee's location.
• Commitment to a fair and accessible hiring process with accommodations for disabilities.
• Inclusive work environment as an equal opportunity employer.