Principal - Business Information Security Officer

The Principal - Business Information Security Officer (BISO) acts as the bridge between the cybersecurity team and various business segments.  This position requires a strategic thinker with a technical and analytical background, exceptional communication skills, and the ability to collaborate across departments to drive effective information security practices. The BISO role is to translate the defined security strategy into actional plans for our business segments.  You’ll be a trusted advisor to both security and business stakeholders to ensure security practices are embedded across the organization.  You’ll be responsible for working with other Delivery Leads and Analyst assigned to other business segments to understand priorities and support to spread the program further.

Additionally, the BISO will support the Digital Business Partner for Legal and be responsible for identifying change needs, assessing the impact of the change, capturing and documenting requirements and then ensuring that those requirements can be delivered by IT. The business analyst should have an acceptable level of understanding on Ingredion IT capabilities resulting in presenting solutions that align to both Business and IT strategy. 

Core BISO Responsibilities:

• Work under the CISO to help support and provide strategic direction and oversight for the implementation, and maintenance of the organization's information security strategy, policies, and programs aligned with business goals. 
• Work closely with business leadership to instill cybersecurity policies and practices to address security operations, incident response, application security and infrastructure.
• Build relationships with business segments to be actively informed and engaged in security projects across the business ensuring projects are focused on cybersecurity from the beginning
• Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business segments.
• Proactively document and track security risks, remediation plans, exceptions, and control deficiencies
• Assist in define key performance indicators (KPIs) and metrics aligning with business segment initiatives and deliver them to in terms that are accessible and comprehensible.

• Risk Management: Identify, assess, and manage information security risks, working closely with business segments to develop risk mitigation strategies and ensure compliance with relevant regulations and standards 
• Partner with business segments leaders to understand their security needs and risks.
• Collaborate with the security team to recommend and or implement security controls tailored to business segments.
• Champion security awareness through training programs and initiatives throughout the business segments .
• Advise on security best practices for new technologies and business processes.
• Provide operational improvement recommendations based on client feedback and data analysis 

 Digital Partner Support – Legal

Digital Strategy and Roadmap Development for Legal: 

• Assist in the development and execution of a comprehensive digital strategy and roadmap for the global Legal technology portfolios, aligned with the company's overall P2W strategy and business objectives. 
• Analyse the business requirements collected by Business Relationship manager and construct solution roadmaps for individual divisions and functions. 
• Identify opportunities to leverage emerging digital technologies and platform best practices to drive innovation, efficiency, and productivity within Legal functions. 
• Facilitate the adoption of digital technologies and processes to improve operational efficiency, productivity, compliance, and decision-making. 
• Collaborate with Legal stakeholders to identify and prioritize digital opportunities, pilot projects, and proof-of-concepts. 

Technology Portfolio Management: 

• Oversee the management and optimization of technology solutions and platforms supporting Legal functions. Major solutions/platforms include I-certis contract lifecycle management solutions.  
• Ensure alignment between technology investments and business priorities, optimizing resource allocation and enabling value realization. 

Global Collaboration and Stakeholder Engagement 

• Collaborate with appropriate regional and functional leaders in Legal, and Digital Technology Solutions to understand business needs and ensure alignment with global digital strategies and initiatives. 

Partnership and Supplier Management 

• Establish and nurture partnerships with technology suppliers, service providers, and industry experts to understand product roadmaps, and to enhance the company's Legal digital capabilities and innovation ecosystem. 
• Manage supplier contracts, ensuring alignment with business requirements, service levels, and cost-effectiveness. 

Innovation and Emerging Technologies 

• Assist in innovation and experimentation with emerging technologies such as AI/ML and data analytics to enhance Legal operations and user experiences. 

Performance Monitoring and Measurement 

• Assist in defining key performance indicators (KPIs) and metrics to measure the effectiveness and impact of digital initiatives and technology investments within Legal functions. 
• Monitor performance data, analyze trends, and provide regular reporting to Business Partners, identifying opportunities for continuous improvement and optimization. 

 Qualified candidates will have:

• minimum of 5+ years of information security or related risk management experience
• Experience with and knowledge of a broad range of security topics covering industrial controls systems, operational technology, information protection, application and infrastructure security, vulnerability management, and incident response.
• Knowledge of industry standards and frameworks (NIST, SOC1, SOC2, etc.)
• Proven track record of successfully influencing and leading peer and matrix teams where no direct reporting relationship exists.
• Strong leadership qualities and business acumen to engage with all levels of the organization.
• Ability to understand business ecosystem and define a related threat landscape.
• Ability to translate information security and technical controls into business terms that are easily understood.
• Excellent verbal, written, and presentation skills.
• Ability to work a flexible schedule to accommodate project deadlines.
• Strong collaboration skills

Education

• Bachelor’s degree in related field or equivalent experience
• CISSP or other security related certification preferred (CISM / CRISC)

Relocation Available?          No

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Ingredion provides accommodations to job applicants with disabilities throughout the hiring process. If a job applicant requires an accommodation during the application process or through the selection process, we will work with the applicant to meet the job applicant's accommodation needs.

We are an equal opportunity employer and value diversity at our company. Ingredion seeks to provide a work environment that is free from harassment and discrimination. We will not tolerate any form of discrimination based on race, color, religion, age, gender, gender identity, gender expression, national origin, ancestry, handicap or disability—mental or physical—marital status, sexual orientation, veteran status, disability resulting from military service, or any other classification protected by law (“protected classifications”). We are committed to establishing and maintaining a work environment where everyone is treated with dignity and respect.

Relocation Available: