Business Information Security Officer (BISO) - HPE Financial Services

Business Information Security Officer (BISO) – HPE Financial Services This role has been designed as ‘Hybrid’ with an expectation that you will work on average 2 days per week from an HPE office.

Who We Are: Hewlett Packard Enterprise is the global edge-to-cloud company advancing the way people live and work. We help companies connect, protect, analyze, and act on their data and applications wherever they live, from edge to cloud, so they can turn insights into outcomes at the speed required to thrive in today’s complex world.

Job Description:

Role Overview:

• Business Information Security Officer (BISO) – A global role (individual contributor) that serves as the senior cybersecurity liaison for HPE Financial Services (HPEFS), including Hewlett Packard International Bank.
• This senior individual contributor role will sit within HPE’s central Cybersecurity & Digital Risk Management (CDRM) organization, with a dotted line into HPEFS leadership.
• The BISO will bring a balance of business partnership, cyber risk expertise, and deep knowledge of financial services regulation to help HPEFS operate securely, remain compliant, and maintain customer and regulator trust.

Key Responsibilities:

• Act as the primary cybersecurity liaison for HPEFS, partnering with executives to translate cyber risk into business and regulatory impact and enable informed leadership decisions.
• Inform the HPEFS leadership about emerging cyber threat landscape to be proactive in protecting the business.
• Drive cybersecurity strategies tailored to the regulatory environment for financial services.
• Lead cyber risk assessments for products, services, and bank operations.
• Serve as the on-point liaison during security incidents impacting HPEFS.
• Oversee vulnerability management for HPEFS assets, ensuring issues are tracked, prioritized, and remediated in alignment with regulatory timelines and enterprise standards.
• Partner with the HPEFS IT leader to align on security priorities, infrastructure controls, and technology programs impacting financial services operations.
• Support closure of audit, regulatory, and compliance findings through coordination of corrective action plans.
• Monitor evolving regulatory requirements and industry trends, advising leadership on compliance gaps, risk exposure, and readiness for regulatory examinations.
• Influence enterprise cybersecurity priorities by advocating for HPEFS needs within the broader CDRM strategy.
• Build trusted relationships with business leaders, regulators, auditors, customers, and internal stakeholders to strengthen HPE’s cyber resilience in the financial services domain.

Qualifications & Experience:

• 12+ years of experience in cybersecurity, risk management, or related fields, with significant exposure to financial services regulatory environments.
• Proven ability to partner with business executives and influence decision-making through clear articulation of cyber risk in business and regulatory terms.
• Deep knowledge of cybersecurity frameworks and controls relevant to financial institutions.
• Experience engaging with financial regulators, auditors, and external examiners on cybersecurity compliance.
• Strong understanding of incident response processes, with the ability to coordinate remediation and communication at the business unit level.
• Exceptional communication, stakeholder management, and executive presence.
• Bachelor’s degree required; advanced degree and/or certifications preferred.

What We Can Offer You:

Health & Wellbeing: We strive to provide our team members and their loved ones with a comprehensive suite of benefits that supports their physical, financial and emotional wellbeing.

Personal & Professional Development: We invest in your career because the better you are, the better we all are.

Unconditional Inclusion: We are unconditionally inclusive in the way we work and celebrate individual uniqueness.

: HPE is an Equal Employment Opportunity/ Veterans/Disabled/LGBT employer. We do not discriminate on the basis of race, gender, or any other protected category, and all decisions we make are made on the basis of qualifications, merit, and business need.