Senior Director, Business Information Security Officer Senior Director, Business Information Security  …

S&P Global
in New York, NY
Permanent, Full time
Last application, 26 Jan 21
S&P Global
in New York, NY
Permanent, Full time
Last application, 26 Jan 21
Senior Director, Business Information Security Officer
  • As the Business Information Security Officer (BISO) of S&P Dow Jones Indices, you will be the Cyber Security & Assurance primary point of contact for the division, responsible for the development, communication, compliance and governance of the divisional security strategy, roadmap and policies that are in alignment with the organization's overall security objectives
  • This position will report to the CTO of S&P Dow Jones Indices
  • Develop and maintain the overall Security strategy of the division
  • Ensure that the division's technology (IT) priorities align with the overall Security strategy
  • Acquire and manage leadership support and financial resources to support the Security transformation and governance priorities of the division
  • Engage with the Global Information Security policy team as the primary point of contact for the division and ensure that division's Security policies and priorities align with those of the overall organization
  • Manage and communicate the divisional Security roadmap
  • Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with Cybersecurity policies
  • Monitor and evaluate the effectiveness of the division's cybersecurity safeguards to ensure that they provide the intended level of protection
  • Ensure that Security requirements specific to information technology (IT) systems are included in all phases of the system life cycle
  • Engage with the CIRT team to properly address and manage cybersecurity incidents or vulnerabilities
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Advise senior management on cost/benefit analysis of information Security programs, policies, processes, systems, and elements
  • Establish a mature Security posture within the Division
  • 5+ years in a senior Security leadership role
  • 10+ years of experience working in a Security focused role in the technology or other technology heavy industry (e.g. Financial Services)
  • Bachelor's degree in Computer Science, Information Systems, Engineering or a related discipline
  • Certified Information System Security Professional (CISSP) or Certified in Risk and Information Systems Control (CRISC) certifications preferred
  • Detailed understanding of IT risk and information security fundamentals, risk assessment and risk management fundamentals, modern networking technologies and IT security controls
  • Working knowledge of:
    • Cloud computing architectures and the associated security designs and challenges
    • Common open source libraries and technologies (e.g. Kafka, Spark, Hadoop) and how to effectively harden them
    • Common web application development technologies (e.g. Java, PHP, Python, etc...) along with tools and processes to enable teams to develop safely
    • NIST security controls frameworks
  • Ability to interpret and apply laws, regulations, policies, and guidance relevant to organization's cyber objectives
  • Ability to exercise judgment when policies are not well-defined
S&P Global is an equal opportunity employer committed to making all employment decisions without regard to race/ethnicity, gender, pregnancy, gender identity or expression, color, creed, religion, national origin, age, disability, marital status (including domestic partnerships and civil unions), sexual orientation, military veteran status, unemployment status, or any other basis prohibited by federal, state or local law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to: and your request will be forwarded to the appropriate person.

The EEO is the Law Poster describes discrimination protections under federal law.

102 - Senior Management (EEO Job Group) (inactive), 10 - Officials or Managers (EEO-2 Job Categories-United States of America), IFTECH102 - Senior Management (EEO Job Group)

Job ID: 255641
Posted On: 2020-12-15
Location: New York, New York, United States
S&P Global logo
More Jobs Like This
See more jobs