BU Cyber Specialist

Cybersecurity Risk Identification and Mitigation:

Identify cybersecurity risks within the business unit’s operations, including systems, processes, and workflows.

Work with cross-functional teams to implement appropriate security measures and controls to reduce risk.

Provide guidance on threat mitigation strategies and assist with implementing security measures to address identified vulnerabilities.

Security Incident Response:

Act as a key contributor to the business unit’s cybersecurity incident response plan.

Assist in investigating and analyzing security incidents, ensuring timely detection, containment, and resolution of security breaches.

Work closely with the incident response team to execute response strategies and remediate vulnerabilities.

Collaboration with IT and Business Teams:

Partner with IT teams to ensure secure implementation and maintenance of business unit systems and applications.

Collaborate with business unit leaders to integrate cybersecurity best practices into daily operations, projects, and system development.

Provide security guidance and support to business units when implementing new technologies, applications, or processes.

Compliance and Regulatory Support:

Ensure the business unit complies with relevant cybersecurity regulations, standards, and internal policies (e.g., GDPR, ISO 27001, NIST).

Assist with audits and assessments to verify compliance with industry-specific cybersecurity requirements.

Provide recommendations for improving security posture to ensure compliance with relevant regulations.

Security Awareness and Training:

Assist in the development and delivery of cybersecurity awareness and training programs tailored to the business unit’s needs.

Provide guidance to business unit staff on security best practices, including data protection, password management, and secure communication.

Promote a security-conscious culture within the business unit by conducting ongoing awareness activities and security drills.

Security Tools and Technologies:

Support the implementation, configuration, and management of cybersecurity tools and technologies within the business unit.

Assist with monitoring and maintaining the security of business unit systems, including vulnerability scanning, network monitoring, and endpoint protection.

Provide recommendations on security tools and technologies that align with the business unit’s needs and the organization's overall cybersecurity strategy.

Reporting and Communication:

Report on cybersecurity risks, incidents, and initiatives to the Business Unit Cyber Lead and other relevant stakeholders.

Maintain documentation of security activities, incidents, and ongoing efforts to improve cybersecurity posture.

Communicate security risks and recommended actions to business unit leadership in a clear and concise manner.

Continuous Improvement and Best Practices:

Stay up to date with the latest cybersecurity trends, threats, and technologies to ensure that the business unit remains secure against emerging risks.

Continuously evaluate and improve cybersecurity practices and procedures within the business unit to adapt to the evolving threat landscape.

Assist in the development and implementation of security best practices for the business unit.

Key Stakeholders - Internal

Business Unit Heads and Department Heads

Business Unit Cyber Lead

Information Security and IT teams

Legal, HR, and Compliance teams

Risk Management Teams

Key Stakeholders - External

Regulatory Authorities and Compliance Organizations

Security Vendors and Third-Party Service Providers

External Auditors