Information Security Officer US Markets

Impact You’ll Make:   

This role will act as a key Advisor of the US Markets Information Security Officer Team and is responsible fo: 

• Partnering with TU Product leadership to embed security considerations (security-by-design) into the product architecture, lifecycle, and applications of business projects.   

• Serving as the trusted cybersecurity advisor for business unit leaders, providing expert advice on security requirements, risks, and best practices.  

• Defining and assigning acceptable levels of risk and lead the development of risk management strategies.  

• Aligning with enterprise security leaders to scale security through automation and tooling within BU workflows.  

• Maintaining a deep understanding of BU products, infrastructure, and threat landscapes to inform security decisions.  

• Providing guidance on security architecture and engineering, especially in cloud environments (AWS, GCP).  

• Providing regular reports on the business unit's security posture and tracking key performance indicators (KPIs) and key risk indicators (KRIs).   

• Anticipating needs and creating clarity for BU stakeholders regarding top risks and posture status.  

• Supporting TU and enterprise compliance with frameworks and standards such as FedRAMP, FISMA, NIST, ISO 27001, PCI, and SSAE18.  

• Delivering security milestones and projects on time.  

• Effectively managing matrixed resources and providing consistent status updates.   

This is a remote, hybrid position and involves regular performance of job responsibilities virtually as well as in-person at an assigned TU office location for a minimum of two days a week. 

What You’ll Bring:  

• 7+ years of experience in cybersecurity, risk management, or governance in a technology-related industry.  

• 3+ years of experience PCI-DSS and SOC2 compliance and audit management and execution 

• 2+ years of experience with FedRAMP/FISMA and other regulatory frameworks.  

• Strong working knowledge of cybersecurity functions including vulnerability management, incident response, and security engineering (e.g., WAFs, IPS, endpoint security).  

• Proven ability to influence and negotiate with stakeholders across competing priorities.  

• Exceptional communication and interpersonal skills to build trust and alignment with BU and enterprise teams.  

• Experience working with global, multidisciplinary teams.  

• Bachelor’s degree in a technology-related field; CISSP, CISA, or Security+ certification preferred.  

• Ability to travel domestically up to 10%.   

What We’d Like to See  

• 2+ years of experience in Application Security, Security Architecture, and cloud security (AWS, GCP).