Business Information Security Officer

BNY Mellon•New York, NY

1d•$80,000 - $203,000

About The Position

Business Information Security Officer At BNY, our culture allows us to run our company better and enables employees’ growth and success. As a leading global financial services company at the heart of the global financial system, we influence nearly 20% of the world’s investible assets. Every day, our teams harness cutting-edge AI and breakthrough technologies to collaborate with clients, driving transformative solutions that redefine industries and uplift communities worldwide. Recognized as a top destination for innovators, BNY is where bold ideas meet advanced technology and exceptional talent. Together, we power the future of finance – and this is what #LifeAtBNY is all about. Join us and be part of something extraordinary. We’re seeking a future team member for the role of Business Information Security Officer to join our Cybersecurity team. The ideal candidate will excel at ensuring that committed cybersecurity controls are effective and engaging the stakeholders. This role is in NYC, NY. In this role, you’ll make an impact in the following ways: Support the client facing BISO in serving a high-profile client on security commitments, including conducting reviews, preparing materials and tracking actions. Coordinate across Cybersecurity, business, and technology teams to align control adoption and remediation for the associated client platform in our operating model. Maintain clear, executive-ready reporting on control posture, open issues, and remediation progress; draft briefings and talking points for client interactions led by the Senior BISO. Execute security evaluations and due-diligence responses by gathering evidence, validating inputs with subject matter experts, and ensuring consistency and completeness. Monitor for emerging risks and operational gaps; escalate appropriately, document findings, and drive closure through agreed mitigation plans. Streamline workflows, templates, and trackers to improve transparency, reduce cycle time, and sustain a risk-aware culture across internal and third-party partners. Contribute to continuous improvement by updating playbooks, implementing automation and standardizing artifacts that support repeatable outcomes.

Requirements

Hands-on experience supporting client-facing security leaders or programs, ideally in financial services or consulting; comfortable working under guidance and delivering reliably.
Solid understanding of information risk management and security control adoption across cloud and on-prem environments; pragmatic approach to mitigation.
Strong coordination and execution skills—able to manage trackers, evidence collections, deadlines, and cross-functional workstreams with attention to detail.
Clear communicator who can synthesize complex topics into concise summaries and prepare high-quality materials for leadership and client discussions.
Proficiency with collaboration and productivity tools (e.g., M365), and familiarity with common security tooling and workflows.
Typically, 6-10 years of experience in information security or related technology experience required.
Bachelor’s degree or equivalent experience required

Nice To Haves

relevant security certifications (e.g., CISSP, CISM, CISA) preferred

Responsibilities

Support the client facing BISO in serving a high-profile client on security commitments, including conducting reviews, preparing materials and tracking actions.
Coordinate across Cybersecurity, business, and technology teams to align control adoption and remediation for the associated client platform in our operating model.
Maintain clear, executive-ready reporting on control posture, open issues, and remediation progress; draft briefings and talking points for client interactions led by the Senior BISO.
Execute security evaluations and due-diligence responses by gathering evidence, validating inputs with subject matter experts, and ensuring consistency and completeness.
Monitor for emerging risks and operational gaps; escalate appropriately, document findings, and drive closure through agreed mitigation plans.
Streamline workflows, templates, and trackers to improve transparency, reduce cycle time, and sustain a risk-aware culture across internal and third-party partners.
Contribute to continuous improvement by updating playbooks, implementing automation and standardizing artifacts that support repeatable outcomes.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume