Business Information Security Officer (BISO)

Job Description : About News Corp

News Corp is a global diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers and businesses throughout the world. The company comprises businesses across a range of media, including : news and information services, book publishing, digital real estate services, cable network programming.

What You’ll Do

As a global media and information services company, News Corp understands the importance of cybersecurity and mitigating risk across the organisation. We believe in protecting our businesses and customers and are looking to build innovative solutions that will allow us to become a global leader in cybersecurity. If cybersecurity is your passion and you want to be part of a cutting edge team, we want to hear from you!

The Business Information Security Officer (BISO) for Dow Jones will be the primary point of contact for Dow Jones and its subsidiaries and supports the implementation of the Global Cybersecurity program within the business unit. As a trusted advisor, this individual will work with the business to understand business requirements and implement cybersecurity strategies, and will provide advice and oversight to the business to ensure the business is compliant with required cybersecurity requirements and policies. Combining business acumen with technical knowledge, this role assists in improving the security posture with respect to delivering services and partnering with Dow Jones leadership. This role will understand the key assets and processes, identify and evaluate risks and controls, and suggest incremental controls or risk mitigation strategies where necessary. Additionally, the individual will drive and oversee business compliance with cybersecurity policy and standards while continuously monitoring and reporting on risks and documented exceptions.

Responsibilities

Act as the primary business unit cybersecurity contact / advisor, liaising with global and local technology, legal, finance, audit, compliance, product leadership

Develop and maintain in depth understanding of business unit processes, crown jewels, physical locations, systems, technologies, data, customers, partners

Lead the development of a Dow Jones specific cybersecurity strategy, incorporating global cybersecurity strategies and initiatives, and understanding the Dow Jones business strategies and roadmaps to ensure cyber security is embedded at the right control points

Coordinate and manage scheduled Cyber Risk Steering Committees and monthly the Cyber Security Council for the Dow Jones to ensure stakeholders are kept abreast of risks, threats, program maturity and projects. Update and track actions and ownership as necessary

Drive implementation of cybersecurity policies and standards across Dow Jones and its subsidiaries. Proactively identify non-compliance and areas of potential improvement, and facilitate development and deployment of standard solutions

Oversee the PCI-DSS program, support the IT General Controls team with SOX compliance relating to Cyber security, support other required legal and / or compliance requirements and support internal technology audits.

Support the Dow Jones Privacy Leader

Provide regular and timely reporting on the status of cybersecurity across Dow Jones and its subsidiaries.

Engage with the Global Incident Response Team (IRT) and provide an escalation path and contact point for Cyber Security issues, incidents and inquiries within the Dow Jones.

Work with the Cyber Defense, Product Security Engineering, Enterprise Security teams to assist in effectively driving program maturity across Dow Jones.

Required Experience & Qualifications

Minimum of 10-15 years of professional working experience

A Bachelor’s degree in Technology, Legal, Computer Science / Engineering, Cybersecurity, a related field or experience

Must have a strong understanding of security compliance, policy management, security frameworks (NIST, ISO27001, PCI etc) and regulations.

Solid foundation of security architectures and cloud computing environments

Excellent communication skills. Ability to effectively communicate, both orally and in writing, through all levels of the organisation, but especially with executives

Excellent problem solving, critical thinking, and analytical abilities

International work experience or experience working as part of a globally dispersed team is a plus

Comfortable working in matrixed organisations

CISSP or CRISC certifications not required but highly referred

Location : NYC

Working Arrangement : Hybrid - a minimum of three days in office per week

Equal Opportunity Employer

All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, protected veteran status, or disability status. EEO / AA / M / F / Disabled / Vets

LI-Hybrid

Job Category :

Pay Range : 230000 - 285000

We recognize that attracting the best talent is key to our strategy and success as a company. As a result, we aim for flexibility in structuring competitive compensation offers to ensure we are able to attract the best candidates. The quoted salary range represents our good faith estimate as to what our ideal candidates are likely to expect, and we tailor our offers within the range based on the selected candidate's experience, industry knowledge, location, technical and communication skills, and other factors that may prove relevant during the interview process.

Pay-for-performance is a key element in our strategy to attract, engage, and motivate talented people to do their best work. Similarly to salary, for bonus eligible roles, targets are set based on a variety of factors including competitive market practice.

For benefits eligible roles, in addition to cash compensation, the company provides a comprehensive and highly competitive benefits package, with a variety of physical health, retirement and savings, caregiving, emotional wellbeing, transportation, and other benefits, including "elective" benefits employees may select to best fit the needs and personal situations of our diverse workforce.

News Corp is a global, diversified media and information services company focused on creating and distributing authoritative and engaging content to consumers throughout the world. The company comprises businesses across a range of media, including : news and information services, book publishing, digital real estate services, cable network programming in Australia, and pay-tv distribution in Australia.

Headquartered in New York, the activities of News Corp are conducted primarily in the United States, Australia, and the United Kingdom.