Business Information Security Officer – Global Banking and Markets

Position Summary

The Information Security Officer (ISO) will be a key functional member of the Business Information Security Officer (BISO) organization, working closely with Global Banking and Markets (GBAM) Chief Information Officer (CIO) and Chief Technology Officer (CTO) teams. The role requires developing a deep understanding of GBAM’s business and technology landscape to enable informed, risk‑based information security discussions. Through strong partnerships with technology and risk stakeholders, the ISO will help ensure focus on the most critical information security risk priorities.

Acting as a day‑to‑day point of contact, the ISO will provide guidance on information security topics, policies, and controls, ultimately becoming a trusted governance and risk partner to the business.

• Provide advisory support and oversight for security‑related changes within the GBAM environment, leveraging regional information security consultants and global operational response teams as required.
• Collaborate closely with Risk teams, supporting their activities and contributing to the ongoing development of processes and solutions.
• Partner with the global BISO organization to ensure Global Information Security (GIS) requirements and initiatives are communicated, reviewed, and tracked in a consistent, timely, and effective manner.
• Establish and maintain a strong network of stakeholders and strategic partners across technology and risk functions.
• Conduct routine liaison and coordination across risk partners and technology groups to remediate GIS issues flagged as red or amber on vulnerability remediation dashboards.
• Coordinate and drive remediation of ad hoc GIS issues, supporting partners to achieve resolution in line with GIS baselines and standards.

• Serve as a subject matter expert for the development, implementation, and ongoing maintenance of information security controls within the line of business (LOB).
• Provide guidance and advocacy on the prioritization of LOB investments, with a focus on information security impact and risk reduction.
• Advise LOB management on information security risks and recommend actions aligned with the bank’s broader risk management and compliance programs.
• Act as the primary point of contact for ad hoc information security enquiries from the LOB.

• 3+ years experience in an information security technology, operations, engineering, or consulting role, with strong knowledge of security controls and processes across systems and networks.
• Excellent interpersonal skills, with the ability to communicate, influence, and negotiate effectively with senior stakeholders to secure alignment and necessary resources.

• Experience with in a technology or financial services organization at a mid to senior level, with solid knowledge of application security controls and associated risks.
• Understanding of vulnerability management concepts, monitoring solutions, and remediation practices.
• Experience with formal security risk assessment methodologies.
• In‑depth technical understanding of technology infrastructure operations and related subject matter areas.
• Previous experience working within a financial institution.
• Proven ability to proactively set work priorities and independently manage a portfolio of activities.
• Strong communication skills, including the ability to deliver difficult messages and drive issue resolution with stakeholders.
• Demonstrated ability to work collaboratively as part of an integrated EMEA GIS team.
• Excellent written and verbal communication skills, including the ability to produce and present clear management‑level progress and status reports.

Shift: 1st shift (United States of America). Hours Per Week: 40.

Pay range: $99,200.00 - $ annualized salary, offers to be determined based on experience, education and skill set. Discretionary incentive eligible. This role is currently benefits eligible. We provide industry‑leading benefits, access to paid time off, resources and support to our employees so they can make a genuine impact and contribute to the sustainable growth of our business and the communities we serve.