Job Title

Business Information Security Officer (BISO)Industry: Retail / FMCG / Retail Banking Contract Type: 3-Month ContractOverview:A leading organisation in the Retail/FMCG sector is seeking a skilled and motivated Business Information Security Officer (BISO) to support ongoing transformation efforts. This is an excellent opportunity for a professional with strong expertise in Technology, Risk, and Security to play a pivotal role in bridging the gap between business functions and cybersecurity.As the BISO, you’ll ensure that security policies, training, and awareness initiatives are embedded across the organisation. You’ll work closely with stakeholders across Data, Information Security, IT Operations, and Portfolio teams, driving improvements to control frameworks and risk postures. The role requires strong influence and communication skills, particularly with IT leadership and executive teams, to secure necessary funding and support for mitigating control gaps and managing risk priorities effectively.Key Responsibilities:Act as the primary liaison between business units and the cybersecurity functionDrive alignment between business strategies and cybersecurity prioritiesLead the implementation of information security policies, training, and awareness programmesCoordinate control improvements across various technical and operational domainsIdentify, assess, and escalate risk and control issuesInfluence senior stakeholders and secure buy-in at the executive levelKey Skills & Experience:Proven experience in Information Security and IT Risk ManagementIn-depth knowledge of information security principles and frameworksStrong background in Governance, Risk, and Compliance (GRC)Internal audit evaluation and risk-based assurance planning skillsStrategic thinker with strong technical insightExperienced in stakeholder management up to board levelExceptional communication and influencing skillsDemonstrated ability to develop and implement strategic security plansCompetent in assessing business processes and IT technologies for risk exposureFamiliarity with security controls assessment tools and methodologiesTools & Technologies:Experience with Data Loss Prevention (DLP) solutionsCertifications (Desirable):CISACISSPFamiliarity with ISO standards, especially ISO 27001