Cyber Business Relationship Manager- BISO

Overview

Responsibilities

• Act as the primary bridge between cybersecurity and business units, ensuring security priorities align with business objectives and regulatory requirements
• Drive proactive identification and mitigation of cyber risks within business processes and ensure compliance with enterprise security policies
• Guide business stakeholders through IT intake processes, review technical documentation and facilitate smooth cybersecurity and enterprise architecture reviews
• Develop and maintain application roadmaps, support IT capital project portfolio management and optimize rate case planning for technology initiatives
• Educate business units on security requirements, promote awareness and advocate for secure innovation across projects and programs
• Provide leadership with tailored dashboards and reports on security posture, risk trends and compliance performance
• Act as a change ambassador, helping business units adapt to new technologies and security processes while maintaining resilience

Qualifications

• Bachelor's Degree In relevant discipline and eight (8) years of progressive experience in information security, risk management, or cybersecurity roles and two (2) years working directly with business units or in a liaison capacity, driving alignment between technology and business objectives. or
• Master's Degree In relevant discipline and eight (8) years of progressive experience in information security, risk management, or cybersecurity roles
• and two (2) years working directly with business units or in a liaison capacity, driving alignment between technology and business objectives.

• Master's Degree In relevant discipline and Three to five (35) years of experience in governance, compliance, and regulatory frameworks (e.g., NERC CIP, SOX)

• Demonstrate experience in stakeholder engagement and executive communication, with proven ability to lead change initiatives across complex organizations, required.
• Demonstrate experience in working directly with business units or in a liaison capacity, driving alignment between cybersecurity and business objectives, required.
• Proven work experience in information security, risk management, or cybersecurity leadership, required.
• Work experience with cybersecurity industry recognized frameworks and standards such as NIST, ISO 27001/2, or CSA, required.
• Demonstrates experience driving proactive identification and mitigation of cyber risks within business processes, and ensuring compliance with enterprise security policies, preferred.
• Demonstrates experience in managing or influencing enterprise-level projects and portfolios, including application roadmaps and IT intake processes, preferred.

• Project Demonstrated project management skills
• Possesses flexibility to work in a fast paced, dynamic environment
• Demonstrates a high level of accuracy, even under pressure
• Ability to drive multiple projects to successful completion
• Ability to work within tight timeframes and meet strict deadlines
• Assumes personal responsibility for actions
• Strong written and verbal communication skills
• Effective interpersonal skills
• Excellent organizational skills

• Driver's License Required
• Project Management Professional (PMP) Training and/or certification in Project Management is a plus. Preferred
• Other: Certified Information Security Practitioner (CISSP) Preferred
• Other: Certified Information Security Manager (CISM) Preferred

• Sit or stand to use a keyboard, mouse, and computer for the duration of the workday

• The selected candidate will be assigned a System Emergency Assignment (i.e., an emergency response role) and will be expected to work non-business hours during emergencies, which may include nights, weekends, and holidays.
• Must be able and willing to travel within Company service territory, as needed.