Description:
The Security Business Partner (SBP) serves as a strategic partner and relationship manager between Enterprise Information Security and Line of Business.
This role ensures that information security requirements, risk considerations, and governance expectations are identified early and incorporated into business initiatives, technology solutions, and risk management activities for the Line of Business.
________________________________________
Key Responsibilities
Business & Security Partnership
- Serve as the security point of contact for Line of Business, Risk, and Technology teams to ensure integrated delivery of cybersecurity services.
- Lead or assist in the relationship with a line of business to ensure successful outcomes and is responsible for the overall client experience within the Security organization, including cybersecurity risk, business demand management, client feedback & relationship management.
- Coordinate security input for risk discussions, executive updates, and committee presentations.
Initiative Support
- Engage across the lifecycle of business and technology initiatives, including RFP activities, technology due diligence, and security approvals.
- Promote adoption, accountability, and sustainability of security requirements and controls for Line of Business initiatives.
- Ensure that security requirements and standards are identified and incorporated into Line of Business technology solutions and platforms.
- Participate in key initiative and program meetings to provide ongoing security and risk input.
Risk Management & Governance
- Support Line of Business risk assessments, security reviews, and governance activities for initiatives with material technology, data, or business impact.
- Partner with Line of Business Risk organization to improve Security posture through the reduction of Policy Exceptions, open vulnerabilities, and implementation of automated identity access controls.
- Translate information security requirements and risk considerations into relevant guidance to support informed decision making by Line of Business stakeholders.
- Provide support for ad hoc or high priority security situations, including coordination of communications and remediation planning.
________________________________________
Organizational Alignment
- Works closely with Enterprise Information Security teams responsible for Identity and Access Management, Data Protection, Application Security, Cloud Security, and Policy and Governance,
________________________________________
Required Qualifications
- CISSP, CRISC, or CISA certification
- Experience in information security, technology risk, or related technology roles within large, complex enterprise environments.
- Familiarity with enterprise security domains such as Identity Access Management, Data Protection, Cloud Security, and Risk Management
- Knowledge of information security risk, control objectives, and governance processes.
- Demonstrated ability to work effectively with business, technology, and risk stakeholders.