Business Information Security Officer (BISO)


Job details
  • MS Amlin
  • London
  • 4 months ago

Role: Business Information Security Officer

Location: London - Hybrid

Position: Full time, permanent

The Business Information Security Officer (BISO) plays a pivotal role in bridging the gap between business objectives, cybersecurity and data protection strategy, focusing on excellence in protecting, detecting, resolving, mitigating, recovering and learning from potential security exposures. This role will provide execution management to ensure MS Amlin has the appropriate cybersecurity and data protection posture across its ecosystem. The BISO serves as a liaison between business leaders, cybersecurity teams, third parties, partners, market and regulatory stakeholders, promoting a strong security culture and contributing to the cyber security protection, resilience and response capabilities.

About The Job:

Embed Information Security and Data Protection Strategy

Serve as a trusted point of contact across MS Amlin, ensuring uniformity in cybersecurity policies and practices.

Collaborate with cross-entity security teams to implement cybersecurity policies related to security operations, incident response, application security, and infrastructure.

Assess and contribute to the strategy to achieve and maintain appropriate information security practices, controls, resilience, risk identification and responses across MS Amlin’s estate and data landscape

Advise, adopt and embed the information security framework and certification appropriate to our organisation and market, in line with strategic objectives and relevant jurisdictional requirements.

Work with internal and external stakeholders to assess impact of new projects, solutions, partnerships and regulations to security and data protection posture and provide support in implementation.

Protect, Detect, Respond, Recover, Improve Management

Enable MS Amlin’s horizon scanning for security threats, vulnerabilities, and mitigations, and work with internal and external stakeholders to best protect MS Amlin’s estate and data

Ensure Cyber and Data Protection continual compliance and vulnerability closure for Operational Resilience, Continuity Management and other relevant regulations.

Report on MS Amlin’s cyber security and data protection capabilities, recovery and disruption plans, with a focus on continual improvement and increasingly sophisticated testing

Ensure MS Amlin’s disaster recovery and immutable back-ups are adequate, exercised and maintained in line with business requirements.

Determine and obtain / maintain relevant Cyber Certification and Frameworks (NIST, ISO27001, CIS, CQUEST etc.)

Assist in assessing the impact of Cyber Frameworks (NIST, new laws, regulations, and standards) on business operations and implement necessary measures for compliance.

Ensure security content training initiatives are conducted regularly and internal/external communication regarding cybersecurity is disseminated effectively.

Develop standards and assess risks of third party relationships on posture and data protection, advising and monitoring mitigations, providing oversight in BAU

Advocacy

Motivate MS Amlin to prioritise cybersecurity controls and remove obstacles hindering efficient security measures.

Work with the business to incorporate security-by-design principles into projects, architecture, infrastructure, and applications.

Work with cross-entity, cross-market and cross-value chain stakeholders to establish and embed information security and data protection standards, resilience, response and recovery capabilities and continually mature to maintain posture within tolerances

Represent MS Amlin internally and externally with professionalism and integrity

Dimensions

The BISO reports into the Head of Operational and Cyber Resilience and into the Operations Director (SMF24).

The job holder will also work closely with the MS Amlin COO, IBS and Resource Owners, MS ABS (our internal Service Company), other senior stakeholders and with counterparts across Operations, Line 2, Line 3 and Service Providers to monitor and resolve issues and align capabilities with resilience monitoring, management and remediation.

Preparation of regulatory reporting inputs to FCA, Lloyd’s, the PRA, Auditors and Board members.

Draft high quality and reliable MI packs and Board papers, providing insight and in-depth analysis to senior stakeholders

You’re going to enjoy this job if you also:

Flourish in fast paced, dynamic environments where you can shape solutions and influence outcomes

Enjoy advocating, creating buy-in and engagement across a range of views and stakeholders

Have a strong eye for detail

Can convey complex messages and concepts simply, with focus on the core issues and recommendations

What you’ll need:

For this particular role there are some important qualifications and experience we need you to have. These include:

Knowledge of national and global cybersecurity policies, regulations, and frameworks.

Familiarity with a wide range of cybersecurity solutions and technologies.

Experience in response and recovery capabilities.

Knowledge of data protection, classification and relevant regulations and laws.

Good written and verbal communication skills, with the ability to engage stakeholders at all levels.

Understanding of business processes and the ability to integrate cybersecurity seamlessly.

Experience in financial services and preferably Insurance/Lloyd’s market

Experience in cybersecurity and/or information technology and project management

Knowledge of data protection practices, third party assessment and operational resilience

Knowledge of complex regulatory and contractual requirements and an ability to create effective compliance systems

Proven experience of working with IT security systems and information security governance, i.e., control frameworks, incident management, operations and application of security best-practices.

Familiarity with vendor security risk and data protection reviews and controls

Certification such as CISSP, CISM, CRISC, or CISA preferred but not essential

What you can expect from us:

Competitive Base Salary

Performance Related Discretionary Bonus

Holiday: 28 days core annual leave, and you can buy up to 5 days

Pension: A minimum 2% employee contribution plus 7% MS Amlin contribution (9%) up to a maximum of 5% employee contribution plus 13% MS Amlin contribution (18%)

Private Medical: cover for yourself. Family members/dependants can be added.

Flex Fund: £1,000 (pro-rated based on start date) to spend on flexible benefits.

Life Assurance: 10 x annualised base salary

Enhanced Parental Leave (maternity and paternity): 6 months full pay, entitled from day 1.

Continuous Learning Approach: Including study support with professional qualifications.

Employer Supported Volunteering: 3 days volunteering leave.

Annual health screening

Give as you earn

Cycle to work

Season ticket loan

Green car scheme

Retail discount platform

About MS Amlin:

MS Amlin is part of a global top-10 insurance group, MS&AD. We’re made up of four distinct businesses covering global reinsurance, Lloyd's franchise, local specialty insurer, and business services.
