Skip Navigation

Careers

Search Jobs

or Search with LinkedIn

Business Information Security Officer, Security Services

Syracuse, New York

Apply Now

Overview

Our IT ambition is to be recognized for ‘Transforming National Grid into the leader of the digital energy future’.

Market innovation will drive the digital utility.

We plan to enhance our IT offerings, mature the way we interact with our business partners, and transform the culture of our teams.

Culturally, we will be placing a stronger emphasis on designing systems around the end user. We are establishing an operating model based on accountability and empowering our workforce to share ideas and drive continuous improvement. There will be clear career options within the company, both management and technical. We are focusing on enhancing and investing in both leadership capability and developing necessary technical expertise.

Back to Job Navigation (Overview)

Success Profile

What makes you a successful Information Technology team player at National Grid? Check out the top traits we’re looking for and see if you have the right mix.

  • Strategic
  • Inventive
  • Collaborative
  • Proactive
  • Results Driven
  • Leadership

Back to Job Navigation (Success)

Benefits

  • Healthcare

  • 401(k)

  • Continuing
    Education

  • Paid Time Off

  • Employee
    Assistance (EAP)

  • Health & Wellness

Back to Job Navigation (Benefits)

Quote

Responsibilities

About us

Every day we deliver safe and secure energy to homes, communities, and businesses. We are there when people need us the most. We connect people to the energy they need for the lives they live. The pace of change in society and our industry is accelerating and our expertise and track record puts us in an unparalleled position to shape the sustainable future of our industry.

To be successful we must anticipate the needs of our customers, reducing the cost of energy delivery today and pioneering the flexible energy systems of tomorrow. This requires us to deliver on our promises and always look for new opportunities to grow, both ourselves and our business

Job Purpose

The Business Information Security Officer’s (BISO) role will be the focal point for effective engagement between business areas and the Security Team. This role will be a trusted adviser to senior business and technology stakeholders and provide broad knowledge of security strategies, policies, processes, architecture and road maps to enable divisions/business to understand and meet security requirements.

The BISO role will reporting to the Head of Business Information Security Officer and work closely with the with the business, supporting to operate within information security risk appetite. The BISO will be an essential business partner and will take responsibility for the assessing and managing information security risk for the business.

This role will focus on ensuring that Information Security is considered in respect of all elements of Business. The BISO will be required to support business units with the design and implementation of central security strategies

Key Accountabilities

1.    Build maintain effective relationship with a division’s Business and Technology stakeholders. Be the voice of information security in the division/business area and the voice of the business within information security.
2.    Raise the profile of security within the organisation by being pro-actively involved with stakeholders and customers.
3.    Own and communicate the divisional roadmap for information security aligned with risk appetite and overall security roadmap. Align information security responsibilities and working practices of divisions and security teams. Identify and resolve risks and issues.
4.    Facilitate planning, introduction, delivery of information security services and initiatives e.g.
•    security capability / maturity improvement,
•    delivery of point services such as vulnerability assessments, project risk assessments, vendor assessments
•    divisional security awareness and educations
•    delivering targeted security and risk briefing
5.    Collate demand for security and collaborate across the security team to balance supply and demand of security and divisional resources.
6.    Contribution to development and implementation of security architecture, and the design of security service and processes.
7.    Ensure that policy compliance is appropriate to the organisational and Business Unit’s level of risk acceptance.
8.    Demonstrate to stakeholders that appropriate security controls are in place and own/create actions plans to manage improvement or change where necessary.
9.    Advise stakeholders on how to achieve the relevant controls and assist with solutions to support them.
10.    Where necessary ensure that processes are documented and communicated in language that is relevant and understandable to international and /or non-technical audiences.
11.    Ensure all proposed technical solutions uphold security requirements.
12.    Support and deliver security initiatives as needed and be able to demonstrate and track progress to stakeholders.
13.    Manage divisional security incidents, working closely with group and divisional stakeholders.
14.    Any other duties relating to the remit of a role of this standing as required by the needs of the business.

Qualifications

The ideal candidate profile will include the following points:
1.    The ability to build good relationships at all levels and across all business units and organisations, and the ability of influence stakeholders of all levels
2.    Excellent verbal, written and interpersonal communication skills. Listens and communicates technical subjects to both technical and nontechnical audiences, flexes style to suit the needs of the audience.
3.    Ability to work with others effectively, with 3rd parties, internal teams, and international business units, promoting knowledge sharing within and across teams.
4.    Highly self-motivated and directed, with keen attention to detail.
5.    A good understanding of security frameworks including ISO27001/NIST/SANs.
6.    Have a relevant industry certification such as CISSP, CISM, CRISC or similar

Individuals selected for this role are expected to have both extensive knowledge and managerial know-how related to the following aspects of the CISO pillar skills matrix:
Experience managing multi-function relationships throughout major transformation;
1.    Understanding of security technology;
2.    Experience in a role balanced between business stakeholders and a central service organization;
3.    Navigating a multifaceted, matrix organization; and
4.    Collaborating with multiple stakeholders across functional and technical skillsets.
5.    Analytical: Inquisitive nature and intuition regarding what questions to ask, when, and their relative significance.
6.    Technical: Broad understanding of security technology.
7.    Business: High level understanding of utility/energy sector business model, service offerings, and business operating environment as it pertains to the firm's threat landscape. Ability to frame threats and exposures in a business context recognized by non-technical staff and executives.
8.    Domain landscape: Knowledge of technical security operating principles
9.    Communication: Ability to leverage business communication skills to inform, persuade, and teach stakeholders across a global network of member firms' staff and leadership to enable effective information security activities and processes in line with the cyber readiness program

  • Bachelor's degree
  • 5 years of relevant security work experience and 4 years of experience in project management. Knowledge of security system technologies and supporting electrical and IT infrastructures desirable

More Information

This position has a career path which provides for advancement opportunities within and across bands as you develop and evolve in the position; gaining experience, expertise and acquiring and applying technical skills. Internal candidates will be assessed and provided offers against the minimum qualifications of this role and their individual experience.

National Grid is an equal opportunity employer that values a broad diversity of talent, knowledge, experience and expertise. We foster a culture of inclusion that drives employee engagement to deliver superior performance to the communities we serve. National Grid is proud to be an affirmative action employer. We encourage minorities, women, individuals with disabilities and protected veterans to join the National Grid team

Apply Now

Sign up for Job Alerts

Sign up for Job Alerts

Search by category, location or a combination of the two. Select the desired result and click “add”. You can add as many search terms as desired.

Area of InterestSearch for a category and select one from the list of suggestions. Select a location from the list of options. Finally, click “Add” to create your job alert.

  • Information Technology, Syracuse, New York, United StatesRemove
  • Featured, Syracuse, New York, United StatesRemove

Awards

  • 2016 World's Most Ethical Companies www.ethisphere.com
  • 2017 World's Most Ethical Companies www.ethisphere.com
  • 2018 World's Most Ethical Companies www.ethisphere.com
  • Human Rights Campaign 2018 Best Places to Work for LGBTQ Equality 100% Corporate Equality Index
  • Best in class 2017 4017(k) plan sponsor
  • Reader's Choice 2018 a top 50 employer Careers & the disABLED

Back to Job Navigation (Awards)

We support developing the skills and capabilities of young people in the science, technology, engineering and mathematics (STEM) subjects. It supports our future talent recruitment and our desire to see young people gain meaningful employment.

Learn more about our Student Programs