The Professionals’ Choice for Real Estate Jobs
  1. Home
  2. Find Jobs
  3. VP - Business Information Security Officer (BISO)
CBRE

VP - Business Information Security Officer (BISO)

Salary
Competitive
Employment
Full Time
Real Estate Field
  • General Management / C-Suite
Location
Dallas
 TX
Postal Code
75201
Country
United States

Apply Now

Description


Business Information Security Officer (BISO) works closely with the Global Workplace Solutions (GWS) line of business and the D&T GWS Executive. In this role, you will be supporting a group/team to develop a deep understanding of the business in order to have specialized cyber security risk-based discussions. This relationship will ensure a focus on the correct risk priorities, provide guidance on information security policies and controls, client RFPs & audits, and input for securing new product development. The individual will work to ensure Information Security risks are proactively managed, effectively controlled, mitigated and/or remediated with Senior Business Head support and buy-in.

Role/Responsibilities:

  • Actively supports the execution of the GCSO program and other plans developed by the Business or as applicable.
  • Develops a target state security posture in-line with client and market needs; develops a plan to address gaps and lead execution.
  • Interfaces with the client for RFPs, inquiries, and client security audit reviews; outlines best-practices incl. creating a standard information stack in order to streamline information security reviews.
  • Engages with client executives as appropriate to drive confidence in CBRE s progress and vision as it pertains to information security.
  • Strong working knowledge related to governance, controls, secure agile development, and effective monitoring.
  • Support data owners and provide guidance related to access, usage, storage, and sharing of all data including existing and emerging data (e.g. digital, unstructured).
  • Strong understanding of data privacy laws and regulations
  • Strong working knowledge of Operations and Information Technology risks and control management.
  • Actively engages with senior leaders to address, identify and/or escalate security concerns and emerging risks.
  • Provides the business with strategic security guidance to ensure consistency in development/deployment globally.
  • Identifies key risks to applications and understand business risk tolerance in order to identify solutions and provide guidance.
  • Reports cyber security issues/risks to the Business as applicable with appropriate documentation and supports the response to security events.
  • Provide guidance preparing for audits, support the resolution of audit findings and ensuring closure.
  • Work with the Business to develop processes and procedures to ensure information security policies and standards are integrated.
  • Develops and tracks Business Information Security Metrics in conjunction with GCSO Team

Awareness & Training:

  • Facilitates awareness and training programs as needed based on issue/risk trends.
  • Promotes awareness of current policies and standards, as well as revisions and developments; provide consistent interpretation of policy to business unit.
  • Distributes information security awareness materials and publications appropriately within the business.

Relationship Management:

  • Builds relationships and engage frequently with business leaders and client account teams.
  • Frequently interact with, and educate, business leads and their Senior Management team on current issues and overall status of the global cyber security program.
  • Help drive cyber security best practices between organizations and countries.
  • Identify key business contacts to ensure adequate coverage for the business security program.
  • Maintain a positive relationship with client auditors.


Required Skills:

  • Bachelor's degree (BA/BS) from four-year college or university and a minimum of 12 years of related experience and/or training, including 7+ years of experience at the management level.
  • Must display subject matter experience in application security (security by design), vulnerability testing, identity management, and incident response, with deep experience in software engineer.
  • 7+ years of risk management experience or direct participation in risk management processes, including application risk classification and application control assessments.
  • Experience giving presentations and superb communication skills


Equal Opportunity and Affirmative Action Employer Women/Minorities/Persons with Disabilities/US Veterans

Job Functions


  • General Management and C-Suite
  • Operations
 

Job Sector


  • Alternative Investments
 

Experience


N/A


Apply Now
 
SelectLeaders is where real estate professionals and executives manage their careers, network and come for valuable information about their industry. © 2005 - 2020 SelectLeaders LLC