Overview

The Business Information Security Officer (BISO) will act as the strategic bridge between client business units and the SOC, embedding security requirements into business processes, guiding risk based decisions, and ensuring regulatory compliance while enabling business outcomes. You will advise senior stakeholders, translate technical risk into business terms, and lead business facing security programmes across regulated and complex environments.

Please note, to be considered for this role, you must be eligible for SC clearance

Responsibilities

• Lead business facing security integration: translate security requirements into business processes, define security acceptance criteria for projects and ensure requirements are implemented.
• Act as primary security liaison to business leaders: prepare executive briefings, present security posture and influence prioritisation and budget decisions.
• Conduct and own business focused risk assessments, maintain unit risk registers, and drive risk treatment plans tied to business impact metrics.
• Implement and govern security controls and compliance frameworks (e.g., ISO 27001, NIST, GDPR) within business units; support audits and remediation tracking.
• Coordinate incident response and business continuity for incidents that affect operations; lead post incident business impact reviews and remediation verification.
• Develop business aligned security programmes and roadmaps, support security tool selection in business context, and measure program effectiveness.
• Drive security culture: deliver tailored awareness, embed secure ways of working, and mentor business stakeholders to improve risk literacy.

What experience you'll bring

Required Qualifications (Must have)

• 6+ years’ experience in information security with business facing responsibilities; 3+ years in business liaison or stakeholder management roles.
• Demonstrable experience conducting business risk assessments, developing risk treatment plans and supporting audit/compliance activities.
• Strong business acumen, ability to build executive relationships and translate technical risk into business impact.
• Professional certifications: CISSP required; CISA or CISM preferred.

Preferred Qualifications

• Experience in regulated sectors (finance, healthcare, public sector) and familiarity with information security regulations.
• ITIL or service management background to coordinate operational controls (BISO Job Spec — Certifications Required).
• Prior experience leading security programme implementations and measuring business KPIs.

Success Metrics (6–12 months)

• Business stakeholder satisfaction ≥ target for security engagement and advisory services.
• Reduction in incidents impacting business operations by X% vs baseline and improved mean time to contain (set X per business unit).
• Compliance rates for targeted controls in business units ≥ target (e.g., 95% remediation within SLA).

Who we are

We’re a business with a global reach that empowers local teams, and we undertake hugely exciting work that is genuinely changing the world. Our advanced portfolio of consulting, applications, business process, cloud, and infrastructure services will allow you to achieve great things by working with brilliant colleagues, and clients, on exciting projects.

Our inclusive work environment prioritises mutual respect, accountability, and continuous learning for all our people. This approach fosters collaboration, well-being, growth, and agility, leading to a more diverse, innovative, and competitive organisation. We are also proud to share that we have a range of Inclusion Networks such as: the Women’s Business Network, Cultural and Ethnicity Network, LGBTQ+ & Allies Network, Neurodiversity Network and the Parent Network.

For more information on Diversity, Equity and Inclusion please click here: Creating Inclusion Together at NTT DATA UK | NTT DATA (https://uk.nttdata.com/creating-inclusion-together)

What we’ll offer you

We offer a range of tailored benefits that support your physical, emotional, and financial wellbeing. Our Learning and Development team ensure that there are continuous growth and development opportunities for our people. We also offer the opportunity to have flexible work options.

You can find more information about NTT DATA UK & Ireland here: https://uk.nttdata.com/

We are an equal opportunities employer. We believe in the fair treatment of all our employees and commit to promoting equity and diversity in our employment practices. We are also a proud Disability Confident Committed Employer - we are committed to creating a diverse and inclusive workforce. We actively collaborate with individuals who have disabilities and long-term health conditions which have an effect on their ability to do normal daily activities, ensuring that barriers are eliminated when it comes to employment opportunities. In line with our commitment, we guarantee an interview to applicants who declare to us, during the application process, that they have a disability and meet the minimum requirements for the role. If you require any reasonable adjustments during the recruitment process, please let us know. Join us in building a truly diverse and empowered team.

Back to search Email to a friend Apply now