×
Register Here to Apply for Jobs or Post Jobs. X

Business Information Security Officer

Job in San Francisco, San Francisco County, California, 94199, USA
Listing for: Dolby Laboratories
Full Time position
Listed on 2026-06-26
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Data Security
Job Description & How to Apply Below

Business Information Security Officer (BISO)

The Business Information Security Officer (BISO) serves as the primary liaison between the Business Unit / Region and Dolby’s Global Cybersecurity organization. Operating on behalf of the CISO, the BISO embeds within the business to understand its strategy, processes, and risk profile, then translates cybersecurity requirements into business‑aligned initiatives and outcomes.

This role acts as both a cybersecurity champion (evangelizing and implementing the enterprise security strategy in the business) and a business champion (representing business priorities and constraints back into the security function). The BISO does not own business risk; rather it advises, challenges, and supports business leaders in understanding, accepting, remediating, or transferring cyber risk within the organization’s risk appetite.

Key Responsibilities Strategic Security Partnership & Governance
  • Serve as the trusted cybersecurity advisor to Business Unit / Region leadership, participating in BU leadership forums, planning cycles, and governance routines.
  • Translate Dolby’s global cybersecurity strategy, policies, and standards into actionable, BU‑specific roadmaps and controls.
  • Ensure security is integrated into business strategy and major initiatives from inception through execution.
  • Act as the “voice of the business” to the CISO, ensuring security investments, priorities, and controls reflect BU realities and objectives.
Risk Management & Compliance
  • Lead or coordinate cybersecurity risk assessments for the BU, including applications, products, processes, and critical assets, using approved risk methodologies.
  • Facilitate identification, evaluation, treatment, and tracking of cyber risks; work with risk owners to define and implement remediation plans and risk acceptances.
  • Support compliance with relevant regulatory, legal, and contractual requirements (e.g., SOX, GDPR, ISO 27001, TISAX, NIST CSF, etc.), coordinating with Legal, Compliance, Privacy, and Internal Audit as needed.
  • Prepare for and support internal and external audits, certifications, and regulatory examinations impacting the BU.
Security Integration into Projects, Products, and Technology
  • Embed security-by-design principles into BU projects, products, and services; ensure appropriate security requirements, architecture reviews, and testing are performed.
  • Partner with Enterprise/ Security Architecture and Engineering teams to ensure BU solutions align with reference architectures, standards, and patterns.
  • Review and advise on security aspects of solution designs, change requests, and exceptions, balancing business agility with risk reduction.
Incident Preparedness, Response, and Resilience
  • Act as the primary BU point of contact for security incidents, data breaches, and significant vulnerabilities; coordinate with the SOC, IR team, and business stakeholders.
  • Support post‑incident reviews, lessons learned, and tracking of corrective actions within the BU.
Third‑Party and Supply Chain Security
  • Support or lead security risk assessments of key third‑party vendors, partners, and service providers used by the BU, in coordination with central Third‑Party Risk Management.
  • Review and advise on contractual security requirements and SLAs for BU vendors and partners.
  • Monitor and help remediate third‑party security gaps that could affect BU operations, data, or customers.
Security Awareness, Culture, and Training
  • Champion a culture of shared responsibility for cybersecurity within the BU; make security understandable, relevant, and actionable for non‑technical stakeholders.
  • Partner with central security awareness teams to tailor and deliver BU‑specific training, phishing simulations, workshops, and communications.
  • Provide targeted guidance to high‑risk roles (e.g., developers, privileged admins, sales with access to sensitive data, executives) on secure behaviors and practices.
Metrics, Reporting, and Performance Management
  • Develop and maintain BU‑level security and risk metrics (KPIs/KRIs) aligned with enterprise dashboards and frameworks.
  • Provide regular reporting to BU leadership and the CISO on cyber risk posture, control effectiveness,…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary