HP is the world’s leading personal systems and printing company, we create technology that makes life better for everyone, everywhere. Our innovation springs from a team of individuals, each collaborating and contributing their own perspectives, knowledge, and experience to advance the way the world works and lives.
We are looking for visionaries, like you, who are ready to make a purposeful impact on the way the world works.
At HP, the future is yours to create!
Job Description
The BISE (Business Information Security Expert ) is responsible for supporting an IT wide information security management program along with Cybersecurity team, to ensure that information assets are adequately protected. This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise. The position requires an expert with sound knowledge of information security technologies and a working knowledge of business management. The BISE will proactively work with IT towers/units to implement practices that meet defined policies and standards for information security. He or she will also oversee a variety of IT-related risk management activities. The BISE serves as the process owner of all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee and business information in compliance with the organization's information security policies. The BISE must be highly knowledgeable about the business environment and ensure that information systems are maintained in a fully functional, secure mode.
The BISE's role is to act as an interface between the Management's strategic and process-based activities and the work of the technology-focused analysts, engineers and administrators in the IT organization. The BISE must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as report on ongoing performance.
The BISE coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management. While the BISE is an expert of the security program, he or she must also be able to coordinate disparate drivers, constraints and personalities, while maintaining objectivity and a strong understanding that security is just one of the business's activities.
Expertise in leading project teams and developing and managing projects is essential for success in this role. The BISE must be able to prioritize work efforts — balancing operational tasks with longer-term strategic security efforts. Other project management tasks will include resource balancing across multiple IT and security teams, task prioritizing and project reporting. Vendor relationship management — ensuring that service levels and vendor obligations are met — is also an important aspect of the position.
Responsibilities
• Develops and drives IT strategies to align with a high impact business agenda supporting the business segment, including the integration points between this function and other functional IT partners.
• Collaborates with vendors, industry consultants and senior company management to define information needs, develop cases and priorities, sustain service levels, and proactively lead business demands.
• Assists in managing spends and IT investments according to plan while ensuring timely work during budget and forecasts processes.
• Works directly with clients, internal or external, to resolve operational issues, utilizing technical expertise.
• Serves as a representative of the business, function, or geography, ensuring ongoing congruence in plans between IT and the respective entities.
• Identifies opportunities where the business, function, or geography can leverage standardized IT solutions and actively promotes their adoption.
• Cultivates and sustains relationships with pivotal tactical leaders and business implementation leads, leveraging extensive business acumen spanning multiple businesses or sub-domains to foster engagement in major IT endeavors.
• Advocates for the proliferation of best practices developed from interactions between businesses, functions, or geographies and other counterparts.
• Applies advanced subject matter knowledge, leads, and contributes to complex projects, and exercises independent judgment in resolving business issues and establishing policies.
• Develops and builds productive internal/external working relationships and may provide mentoring and guidance to lower-level employees.
Security liaison
Architecture/engineering coordination
Develop, implement and monitor a strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.
Facilitate information security governance through the implementation of a hierarchical governance program, including the formation of an information security steering committee or advisory board.
Be knowledgeable and keep updated and publish up-to-date information security policies, standards and guidelines.
Oversee the approval, training, and dissemination of security policies and practices.
Create, communicate and implement a risk-based process for vendor risk management, including the assessment and treatment for risks that may result from partners, consultants and other service providers.
Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
Work directly with the IT units to facilitate IT risk assessment and risk management processes, and work with stakeholders throughout the enterprise on identifying acceptable levels of residual risk
Provide regular reporting on the current status of the information security program to enterprise risk teams, senior business leaders and the board of directors as part of a strategic enterprise risk management program.
Create a framework for roles and responsibilities with regard to information ownership, classification, accountability and protection.
Provide strategic risk guidance for IT projects, including the evaluation and recommendation of technical controls.
Create a framework for roles and responsibilities for main players
Education & Experience Recommended
• Four-year or Graduate Degree in Computer Science, Information Technology, or any other related discipline or commensurate work experience or demonstrated competence.
• Typically has 7-10 years of work experience, preferably in IT projects, process improvement, or a related field.
Preferred Certifications
CISSP, CISM, CISA etc preferred
Knowledge & Skills
• Agile Methodology
• Automation
• Business Analysis
• Business Process
• Business Requirements
• Business Systems Analysis
• Computer Science
• Data Analysis
• Finance
• Marketing
• Process Improvement
• Project Management
• Salesforce
• SAP Applications
• Scrum (Software Development)
• SQL (Programming Language)
• Systems Analysis
• Systems Development Life Cycle
• User Story
• Workflow Management
Cross-Org Skills
• Effective Communication
• Results Orientation
• Learning Agility
• Digital Fluency
• Customer Centricity
Impact & Scope
• Impacts function and leads and/or provides expertise to functional project teams and may participate in cross-functional initiatives.
Complexity
• Works on complex problems where analysis of situations or data requires an in-depth evaluation of multiple factors.
Disclaimer
• This job description describes the general nature and level of work performed in this role. It is not intended to be an exhaustive list of all duties, skills, responsibilities, knowledge, etc. These may be subject to change and additional functions may be assigned as needed by management.
Sustainable impact is HP’s commitment to create positive, lasting change for the planet, its people, and our communities. This serves as a guiding principle for delivering on our corporate vision – to create technology that makes life better for everyone, everywhere.
HP is a Human Capital Partner – we commit to human capital development and adopting progressive workplace practices in India.
#LI-POST
Let our experts design a Professional CV for you.