Business Information Security Officer
Listed on 2026-06-24
-
IT/Tech
Cybersecurity, Information Security
Join the leader in entertainment innovation and help us design the future. At Dolby, science meets art, and high tech means more than computer code. As a member of the Dolby team, you’ll see and hear the results of your work everywhere, from movie theaters to smartphones. We continue to revolutionize how people create, deliver, and enjoy entertainment worldwide. To do that, we need the absolute best talent.
We’re big enough to give you all the resources you need, and small enough so you can make a real difference and earn recognition for your work. We offer a collegial culture, challenging projects, and excellent compensation and benefits, not to mention a Flex Work approach that is truly flexible to support where, when, and how you do your best work.
Dolby’s consumer entertainment and cinema businesses are bringing Dolby’s breakthrough technologies, powering the world’s top movies, TV shows, music, games, and live sports to more places around the world across a wider range of consumer experiences and devices.
The Business Information Security Officer (BISO) serves as the primary liaison between the Business Unit / Region and Dolby’s Global Cybersecurity organization. Operating on behalf of the CISO, the BISO embeds within the business to understand its strategy, processes, and risk profile, then translates cybersecurity requirements into business‑aligned initiatives and outcomes.
This role acts as both a cybersecurity champion (evangelizing and implementing the enterprise security strategy in the business) and a business champion (representing business priorities and constraints back into the security function).
The BISO does not own business risk; rather, the BISO advises, challenges, and supports business leaders in understanding, accepting, remediating, or transferring cyber risk within the organization’s risk appetite.
Key Responsibilities Strategic Security Partnership & Governance- Serve as the trusted cybersecurity advisor to Business Unit / Region leadership, participating in BU leadership forums, planning cycles, and governance routines.
- Translate Dolby’s global cybersecurity strategy, policies, and standards into actionable, BU‑specific roadmaps and controls.
- Ensure security is integrated into business strategy and major initiatives from inception through execution.
- Act as the “voice of the business” to the CISO, ensuring security investments, priorities, and controls reflect BU realities and objectives.
- Lead or coordinate cybersecurity risk assessments for the BU, including applications, products, processes, and critical assets, using approved risk methodologies.
- Facilitate identification, evaluation, treatment, and tracking of cyber risks; work with risk owners to define and implement remediation plans and risk acceptances.
- Support compliance with relevant regulatory, legal, and contractual requirements (e.g., SOX, GDPR, ISO 27001, TISAX, NIST CSF, etc.), coordinating with Legal, Compliance, Privacy, and Internal Audit as needed.
- Prepare for and support internal and external audits, certifications, and regulatory examinations impacting the BU.
- Embed security‑by‑design principles into BU projects, products, and services; ensure appropriate security requirements, architecture reviews, and testing are performed.
- Partner with Enterprise/ Security Architecture and Engineering teams to ensure BU solutions align with reference architectures, standards, and patterns.
- Review and advise on security aspects of solution designs, change requests, and exceptions, balancing business agility with risk reduction.
- Act as the primary BU point of contact for security incidents, data breaches, and significant vulnerabilities; coordinate with the SOC, IR team, and business stakeholders.
- Support post‑incident reviews, lessons learned, and tracking of corrective actions within the BU.
- Support or lead security risk assessments of key third‑party vendors, partners, and service providers used by the BU, in coordination with central Third‑Party Risk Management.
- Review and advise on…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).