Senior Director, Business Information Security Officer Senior Director, Business Information Security  …

S&P Global
in New York, NY
Permanent, Full time
Be the first to apply
S&P Global
in New York, NY
Permanent, Full time
Be the first to apply
Senior Director, Business Information Security Officer
Grade ( relevant for internal applicants only ): 14

S&P Global Platts is currently seeking a Business Information Security Officer
(BISO) to join our Technology Leadership Team. This is a senior engineering
leadership role who ensures security best practices are part of everything we
do within the Platts Technology organization. The BISO will work with the
corporate InfoSec team to bake security into S&P Global Platts strategic
plans and operations. The BISO will provide input into the corporate CISO
strategy and guide, consult and partner with Platts Technology leadership to
ensure the CISO strategy is seamlessly integrated into the Platts Technology
strategy. This person will be the primary contact for security related
concerns with internal stakeholders and external regulators.

Their day-to-day responsibilities include partnering with the technology teams
to ensure that security engineering and operations are prioritized, and
security best practices are part of the technology life cycle from beginning to
end. This includes planning roadmaps to rollout security standards, advising
on engineering efforts, creating communities of practice that build and
deploy engineering solutions, and working with all engineering teams to
address security gaps and notify them when vulnerabilities or security
defects are discovered. Regular collaboration with the CISO's organization is
required to make sure priorities are clearly understood. Working with internal
audit, compliance and related regulatory groups within S&P Global Platts is
critical to ensuring we are not only adhering to best practices, but able to
evidence that externally to regulatory and audit stakeholders.

This person must be technical with a focus in security. He or she must have
good communication and priority managements skills and be comfortable
reporting out to and working with senior executives on key strategic
initiatives. He or she needs to be able to clearly state the security posture of
the firm and how that impacts S&P Global Platts. This person must also feel
comfortable being an evangelist for security and enjoy working with other
technologists in making security something that is not only necessary, but an
exciting aspect of everyone's personal career story.

What We're Looking For
* Ability to clearly articulate and build support for a strategic security vision, as passionate about the 'why' as the 'how'
* Be relentlessly curious, take ownership and challenge the status quo
* Have in-depth knowledge of the security landscape as well as deep understanding of how to implement solutions in a regulated setting
* Operates globally and is able to define where strategies and tactics need to be applied globally and where locally, and to communicate that clearly and simply
* In-depth knowledge of cloud providers, cloud operating models and cloud security controls and best practices
* Looks at external companies, products and capabilities and how they may accelerate Platts Technology security initiatives
* Shapes and leverages advanced conceptual thinking to solve complex and/or completely new or novel security situations that have never been dealt with before.
* Actively pursues innovative solutions that align with the company's tolerance for risk (business and reputational).

Required Skills
* 10+ years of experience in technology and 5+ years in information security
* 5+ years of experience in application development or application security
* 5+ years of experience in risk management with direct participation in risk management processes, including application risk classification and control assessments
* Must display subject matter expertise in application security, vulnerability remediation, secure system operations, and be grounded in software development lifecycle management
* Strong experience working with lines of business and gaining consensus on security rationale, implementation, deployment and maintenance
* Strong experience of public cloud operators, ideally AWS but Google Cloud or Azure is acceptable
* Experience giving presentations and comfortable communicating in a senior executive setting

S&P Global states that the anticipated base salary range for this position is $148,200 to $338,600 . Base salary ranges may vary by geographic location.
In addition to base compensation, this role is eligible for an annual incentive plan.
This role is eligible to receive additional S&P Global benefits. For more information on the benefits we provide to our employees, visit .

At S&P Global Platts, we provide the insights; you make better informed trading and business decisions with confidence. We're the leading independent provider of information and benchmark prices for the commodities and energy markets. Customers in over 150 countries look to our expertise in news, pricing and analytics to deliver greater transparency and efficiency to markets. S&P Global Platts coverage includes oil and gas, power, petrochemicals, metals, agriculture and shipping.

S&P Global Platts is a division of S&P Global (NYSE: SPGI), which provides essential intelligence for individuals, companies and governments to make decisions with confidence. For more information, visit .

S&P Global has a Securities Disclosure and Trading Policy ("the Policy") that seeks to mitigate conflicts of interest by monitoring and placing restrictions on personal securities holding and trading. The Policy is designed to promote compliance with global regulations. In some Divisions, pursuant to the Policy's requirements, candidates at S&P Global may be asked to disclose securities holdings. Some roles may include a trading prohibition and remediation of positions when there is an effective or potential conflict of interest. Employment at S&P Global is contingent upon compliance with the Policy.

S&P Global is an equal opportunity employer and all qualified candidates will receive consideration for employment without regard to race/ethnicity, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, marital status, military veteran status, unemployment status, or any other status protected by law. Only electronic job submissions will be considered for employment.

If you need an accommodation during the application process due to a disability, please send an email to: and your request will be forwarded to the appropriate person.

The EEO is the Law Poster describes discrimination protections under federal law.

102 - Senior Management (EEO Job Group) (inactive), 10 - Officials or Managers (EEO-2 Job Categories-United States of America), IFTECH102 - Senior Management (EEO Job Group)

Job ID: 263866
Posted On: 2021-08-09
Location: New York, New York, United States
S&P Global logo
More Jobs Like This
See more jobs