Business Information Security Officer (BISO)

Avnet

Remote Actively hiring Posted this week
Chandler, Arizona Posted 6 days ago
View original post Log in to save

At a glance

AI generated

TL;DR

The Business Information Security Officer (BISO) at Avnet is a senior-level role within the global business operations team, focusing on embedding security into daily business processes to enable secure growth and innovation. This position involves working closely with business leaders to align cybersecurity strategies with operational needs, conducting risk assessments, translating technical risks into business language, and ensuring compliance with regulatory standards such as CMMC, ISO 27001, and GDPR. The BISO must possess strong communication skills, a deep understanding of cybersecurity frameworks like NIST and CIS, and experience in system assessment methodologies and vulnerability management. This role requires proficiency in cloud technologies, applications, infrastructure, and emerging trends, with the ability to balance enterprise security requirements with local business needs while supporting compliance programs and audit processes.

Skills

CI/CD DevSecOps Agile NIST CISM PCI DSS GDPR ISO 27001 CMMC SOX HIPAA Terraform AWS Kubernetes Python PostgreSQL

What you'll do

  • Serve as primary cybersecurity advisor to assigned business units, embedding security early in planning.
  • Recommend appropriate security controls based on operational context and regulatory requirements to prevent over-engineering.
  • Translate complex technical risks into clear business impact language for executives to enable informed decisions.
  • Establish recurring governance touchpoints within each business unit to provide transparency on risk hot spots.
  • Represent business priorities in enterprise cybersecurity discussions, advocating for solutions aligned with business realities.
  • Support business units in meeting vulnerability remediation SLAs and promote adoption of secure configuration baselines.

What we're looking for

  • 8+ years of IT experience, including at least 4 in cybersecurity or information security.
  • Strong understanding of cybersecurity frameworks and risk management principles.
  • Experience translating technical risks into business-relevant insights for decision-making.
  • Familiarity with regulatory requirements such as PCI DSS, GDPR, and others.
  • Ability to balance enterprise standards with local business needs effectively.
  • Relevant certifications like CISSP, CISM, or CRISC preferred.

Employer

About Avnet

Avnet is a global technology distributor and solutions provider connecting the world's top electronic component manufacturers with product designers and engineers through distribution and value-added services. Industry: Electronic Components Distribution

Avnet currently has 5 open roles on FindRole.

Most-posted roles

View all roles at Avnet