Business Information Security Officer

Job Summary:

The BISO is a dedicated security professional that is able to balance risk management and Cybersecurity requirements, leading a team of regional Business Information Security Officers. The role requires business acumen, technical acumen and strong consultative skills. Business operational understanding is critical because this role will engage with business leaders and operations stakeholders to enhance understanding, identification, and management of business risks.

Duties and Responsibilities:

• Provide independent and objective oversight and monitoring for the implementation of Cybersecurity across Sysco’s operating companies.
• Direct and manage Security Leads across regions.
• Translate Policy(s) and Standards set forth by the Cybersecurity Risk and Compliance Management Team into the environment.
• Increase awareness and foster accountability for security across the enterprise.
• Facilitate bidirectional communication between operations teams globally and enterprise security while advocating for both in a balanced manner.
• Escalate risks and exceptions to Cybersecurity Risk and Compliance Management Team and Change Management.
• Participate in and assist with security incident readiness and response training & awareness including supporting cybersecurity incident response activities.
• Oversee responsibilities for both security and business continuity (governance, reporting, compliance, risk assessments, etc.).

Education Preferred:

• Education (Bachelor’s Degree or above) related to Computer Science, Cybersecurity, Information Technology, or related fields

Experience Required:

• 10+ years experience of Cybersecurity and or information risk management
• Knowledge and understanding of the design of the operational systems and operations environments
• knowledge of application and product system development lifecycle and tools and appsec protocols.
• Understand applications running in the operations environment and the resulting network traffic
• In-depth understanding of cybersecurity solutions and requirements within the food and service industry
• Excellent communication skills, with an ability to tailor and engage communication across all levels of the organization

Licenses/Certifications Preferred:

• Certified Information on Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Information Systems Security Architecture Professional (ISSAP), Information Systems Security Engineering Professional (ISSEP), GIAC Response and Industrial Defense (GRID)

Language Requirements:

• Fluency in written and spoken English.

Physical Demands:

• Reasonable accommodations will be made to enable individuals with disabilities to perform the essential functions of this job.

Travel Requirements:

Up to 25%