Precisely · 9 hours ago
Business Information Security Officer
Precisely is a leader in data integrity, empowering businesses to make confident decisions through trusted data. They are seeking a Business Information Security Officer to manage a team responsible for overseeing technical and process security controls while ensuring compliance with information security policies and regulations.
Big Data · Cloud Data Services · Data Integration · Data Management
Responsibilities
Align to Precisely Information Security Management System across the Engage business unit that addresses the needs of Engage, staff, partners, customers, and other external stakeholders in line with relevant legislation and industry standards
Maintain current SOC 1 & 2 Type II, HIPAA HITECH and ISO 27001 & 27701 certification for Engage software products
Maintain documentation and processes necessary to comply with contractual obligations and customer security requirements
Implement additional compliance in coordination with Precisely InfoSec Compliance as needed for each software product
Maintain robust and fit-for-purpose operational procedures
Ensure that the structures and reporting systems are in place to allow the Engage Information Security team to work with the Precisely CISO Office in maintaining the highest standards of quality, legal and regulatory compliance and corporate governance in all areas
Provide advice and direction to the Engage Product Management team on how software products can comply with regulations
Propose changes to the Engage Information and Cyber Security systems, processes and procedures by continuously analysing and reviewing appropriate security technologies and practices as informed by Precisely standards
Ensure that information and Cyber Security risks to Engage are identified and managed appropriately
Use and improve Precisely measures and metrics to support the assessment, reporting and ongoing improvement of the Engage information security posture
Work closely with internal stakeholders to keep abreast of planned changes to technologies, working practices, and business activities that could have an impact on Engage’s Information Security or risk profile
Maintain the Precisely information assurance framework for Engage, enforcing compliance with policies in conjunction with internal audit
Align to Precisely standards and oversee Cloud Governance procedures for all infrastructure running in the cloud
Coordinate quarterly DAST scans, annual internal pen testing and annual third-party penetration testing across all Engage products
Maintain accurate security scorecards across all products. Work with product teams to prioritise work to improve security score. Communicate security risks to Precisely InfoSec Risk Board and senior leadership
Coordinate monthly vulnerability scans for all internal and cloud-hosted infrastructure
Achieve high scores in third-party cybersecurity ratings including BitSight to maintain brand reputation for Engage assets
Maintain accurate inventory of open-source component usage across Engage products. Coordinate legal review for use of components that breach policies
Coordinate annual legal review of privacy across Engage products
Ensure all Engage products comply with US cryptography export regulations
Assist investigations into information security breaches under the Precisely Incident Response process with the Precisely CyberSecurity Operations Center, ensuring root causes of such breaches are understood and addressed
Assist as SME in responding to information security questionnaires during RFP process
Write and maintain technical security whitepapers for Engage software products
Qualification
Required
Management of an Information Security Management System in a complex IT organisation encompassing service delivery, application development and IT infrastructure
Completion of Information Security questionnaires as part of RFP responses
Line management of team members
An excellent understanding of best practice within Information Security and risk management including standards such as ISO 27001
A strong understanding of one or more areas of legislation and regulations that impact Information Security, e.g. GDPR, HIPAA, PCI DSS, CCPA
An understanding of current and emerging threats and countermeasures and the product challenges to addressing these threats
An understanding of Application Security threats and countermeasures
A good practical knowledge of security technologies and wider business solutions including DevOps, Identity and Access Management, penetration testing tools, remote working and cloud technologies
The ability to work within a compliance or regulatory framework and to evidence continuous improvement
Excellent communication skills, both written and verbal. Ability to present complex or highly technical issues in simple and easy-to-understand formats
An ability to think and plan strategically and systematically while recognising the need to deliver to the business requirements
The ability to be pragmatic while balancing the needs of the business against security
The ability to cut through organisational and political barriers to achieve the overall goal
An appropriate degree, equivalent qualification or experience
Preferred
Certified Information Security Manager (CISM)
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA)
Achieved Senior or Lead level certification in the NCSC's Certified Cyber Professional scheme in one or more of Security and Information Risk Advisor (SIRA), IA Architect, IA Auditor, IT Security Officer
Experience using GRC platforms to define and manage InfoSec policies, prepare for audits and manage risk
Experience of tooling to manage RFP responses
Perform SAST/DAST scans & Pen Test assessments
Experience with automated cloud compliance
Company
Precisely
Precisely is a data integrity company that specializes in data integration, data quality, and location intelligence.
H1B Sponsorship
Precisely has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (1)
2024 (2)
2023 (6)
Funding
Current Stage: Late Stage
Total Funding: unknown
2022-04-21: Private Equity
2021-03-03: Acquired
2015-01-01: Series Unknown
Company data provided by crunchbase