Security Analyst , Business Information Security Office (BISO) (German:English) Security Analyst , Business Information Security Office (BISO) (German:English)

Position Title: Security Analyst , Business Information Security Office (BISO) German:English Speaking Market

About us:

Foundever™ is a global leader in the customer experience (CX) industry. With 170,000 associates across the globe, we are the team behind the best experiences for +750 of the world’s leading and digital-first brands. Our innovative CX solutions, technology and expertise are designed to support operational needs for our clients and deliver a seamless experience to customers in the moments that matter. 

Are you self-motivated, directed and well-organized capable of working in a complex security environment with multiple local and international security requirements? If so, then please read on and apply for our exciting new role opportunity in the Global Security Team. The successful post holder will be based either in France or South Africa (within a commutable distance to Foundever office)

Nature and Scope

Business Information Security Officers (BISOs) serve in a client-centric role supporting Foundever and exist to promote client satisfaction as part of the Global Security organization under the Business Information Security Office (BISO). Working with global enterprise clients, BISOs collaborate with the IT solutions team, business development and deal desk to ensure comprehensive security design in a pre-sales environment. The BISO is a critical resource to the legal team serving as the security subject matter expert on contractual language. The BISO partners with Cyber Security Engineering, Cyber Security Operations, and Project Management Office (including Enterprise Change Management (ECM)) to oversee security matters during client implementations and changes. The BISO serves as an internal resource to the Operations team to support client security audits, client change requests, and other security related topics pertaining to Foundever’s clients. The regional role will oversee the security of sensitive information and projects, client or corporate related, and will advise in the security of the company’s infrastructure to meet client requirements

Key job details

• Support the internal Security team to conduct Tier 2 support to our internal security, operations and other staff in the identification, investigation and mitigation of fraudulent and other prohibited activities, geolocation violations, DLP alerts; provide support to operations and account teams to remediate missed SLAs for security awareness, termination of accounts
• Gather and provide the technical security evidence to regional directors and manager for presentation during internal and client audits; partner with fraud team to investigate incidents of fraud and respond to EthicsPoint incidents, communicating with the client on resolution of incidents; work with operations team to ensure physical security controls are in place and Site Security Questionnaires are completed; monitor and close CAPA items related to audit findings and SSQs
• Participate in Enterprise Change Management Reviews for client requested changes, ensuring security risks introduced to the environment from requested changes are minimized or reduced
• Communicate effectively to provide internal and client-facing quality deliverables with regards to best practices or new frontiers in security
• Knowledge and experience in Information Security best practices (technical knowledge and demonstrated technical expertise)
• Working knowledge of Common Security Frameworks (ISO 27000 series, SSAE 18, NIST SP 800 series, etc.)
• Working knowledge of Privacy Frameworks (GDPR, HIPAA, PIPEDA, etc.)
• Working knowledge of Payment Card Industry (PCI) framework and controls
• Other industry and country security requirements as required to support clients in the region supported
• Ability to appropriately handle critical information and sensitive information
• Effectively use Microsoft Office products, including Visio, in communication delivery
• Effective organization and communications skills

Knowledge and Skills

• Work under the direction of the Regional BISO or the BISO Manager to oversee the security of sensitive information and projects, client or corporate related, and will advise in the security of the company’s infrastructure to meet client requirements
• Assist in conducting IT security risk assessments, reviews, investigations and risk management services throughout the company
• Under supervision of the Manager or Director, Regional BISO, provide security risk evaluation, audits, mitigation and solutions to projects and initiatives advocating security measures in line with contractual obligations and internal security policies
• Assist in the development and implementation of strategies to balance security recommendation with business needs
• Respond to inquiries and requests on security related questions from solutions providers, developers, engineers, and leadership team
• Work with IT to ensure assets are adequately secured to clients’ requirements
• Conduct and support physical security planning, reviews, audits and operations
• Provide Tier 2 support to our internal security, operations and other staff in the identification, investigation and mitigation of fraudulent and other prohibited activities, geolocation violations, DLP alerts
• Provide support to operations and account teams to remediate missed SLAs for security awareness, termination of accounts
• Provide security input to Enterprise Change Management team to facilitate client requested changes
• Provide support to the regional team to gather audit evidence and provide follow-up responses to client security audit activities or internal security audit activities
• Respond to and work security tickets as assigned to the regional BISO team
• Perform case management and execution of support for security investigations under the direction of the Regional BISO or the BISO Manager
• Participation and engagement in Foundever Regional Security initiatives, including but not limited to Site Security Questionnaire (SSQ) support, reviewing geolocation violations and data loss prevention (DLP) violations, ensuring that recommendations are made to meet the needs of Foundever clients and the business
• Other security-related support functions as needed or assigned to the regional BISO Team by the VP Business Information Security or the Chief Security Officer

Qualifications and Experience

• At least 1-3 years in technology, cybersecurity or risk governance roles interfacing with global clients on complex technology solutions or security consulting.
• This could be in technical account management, sales engineering or IT project management
• Four-year degree or equivalent combination of education and experience is highly desired
• CISSP and/or CISM and/or CISA preferred, willingness to obtain certification required for advancement in this department

TRAVEL % Up to 25% within region of responsibility could be required

Languages 

• Excellent conversational and written knowledge in English and German
• Other languages are a plus

Our offer:

• Competitive compensation package
• Growth opportunities within an expanding team
• Hybrid working The successful post holder will be based in Turkey (within a commutable distance to Foundever office)
• Working alongside a team of high-calibre and dynamic leaders
• Excellent work-life balance culture

Read Full Description