Business Information Security Officer, Europe

Social network you want to login/join with:

col-narrow-left

London, United Kingdom

Other

-

Yes

col-narrow-right

01c645f8e143

7

05.05.2025

19.06.2025

col-wide

JOB DESCRIPTION

ABOUT THE JOB

We’re looking for a Business Information Security Officer (BISO), Europe to join our team in London, reporting to the Senior Manager, Business Information Security Office and Strategy.

As the BISO for Europe, you’ll play a key role as the bridge between our central cybersecurity function and the regional business teams. You’ll work closely with regional leadership to understand business goals, embed cybersecurity—including AI-related risks—into operational strategies, and drive alignment between business and security objectives. You’ll also lead efforts to identify and assess risks, advise on mitigation approaches, and foster a strong culture of security awareness across the region.

KEY RESPONSIBILITIES

Business Partnership & Advisory:

• Collaborate with regional business leaders and managers to serve as a trusted advisor on cybersecurity matters, including new areas like AI security.
• Develop an understanding of regional team goals and processes to communicate cyber risks in e-commerce, retail, and wholesale business teams.
• Advise regional management on cybersecurity risk levels, posture, and the potential impact of threats.
• Support regional leadership by contributing to the cost-benefit analysis of information security programs.
• Partner with Privacy team and legal counsel on due diligence and data-related functions.
• Support the implementation and management of regional third-party risk management activities, including performing third-party risk assessments.
• Experience with PCI compliance. Manage, lead, and conduct PCI assessments for different countries, collaborating with app owners and payment gateways.
• Help build the regional data loss prevention (DLP) program components and understand the business impact.
• Advise on the implementation of corporate AI governance and security posture management for AI systems within the region.
• Ensure regional adherence to risk remediation protocols, tracking mitigation efforts and exceptions according to established frameworks and standards (e.g., NIST CSF, CIS).

Communication & Culture:

• Engage constructively with partners regarding cybersecurity issues and requirements. Maintain relationships with respective points of contact.
• Understand different cultures in the European regions and stay updated on changing regulatory requirements.
• Educate regional partners on cybersecurity-related matters, including data and operational risks, to increase awareness and foster a security-conscious culture.
• Participate in relevant cybersecurity and business councils or working groups.
• Facilitate communication between regional departments and central cybersecurity teams.

ABOUT YOU

• Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field.
• Experience engaging with and influencing management levels regarding business-specific Information Security Risk briefing and reporting.
• Experience operating within the European regulatory landscape (e.g., GDPR).
• 6+ years of experience in cybersecurity, network/application security, IT risk management, or similar roles, with demonstrated business partnering experience.
• Knowledge of cybersecurity principles, risk management frameworks (e.g., NIST CSF, CIS v8, PCI), and security technologies.
• Familiarity with AI concepts, AI-specific security risks, and AI governance frameworks (e.g., NIST AI RMF, EU AI Act principles). Experience with AI security posture management.