Business Information Security Officer

At Franklin Templeton, we’re advancing our industry forward by developing new and innovative ways to help our clients achieve their investment goals. Our dynamic and diversified firm spans asset management, wealth management, and fintech, offering many ways to help investors make progress toward their goals.

What is an ICT Risk Officer / Business Information Security Officer (BISO) responsible for?

The ICT Risk Officer / Business Information Security Officer (BISO) will provide oversight, strategy and serve as a trusted advisor on behalf of FTIS, Luxembourg ManCo and Global Service Organizations. This role provides support, leadership and guidance for Franklin Templeton Risk, Security and Technology programs supporting local and enterprise business initiatives.

This role works with the business across multiple services to enhance and mature risk frameworks while advising decisions with business, technical and security risk in mind. The role must understand information security risks, governance, technologies and local regulations. As a business enabler, the Risk Officer and BISO role is an effective communicator with the technical aptitude to drive risk fundamentals into aspects of the business.

What are the ongoing responsibilities of a Business Information Security Officer?

1. Serve as a trusted advisor with FTIS, Luxembourg ManCo Conducting Officer(s) and business leadership.
2. Work closely with risk, security and business leadership to instill policies and practices to address operational, incident, application and infrastructure risk.
3. Act as a liaison to ensure practices are built into business initiatives for the entire lifecycle.
4. Be actively informed and engaged in projects and strategic efforts across the business.
5. Enforce the strong risk and security culture, ensuring uniformity across risk leadership, business units and employees.
6. Advise business units on enterprise-wide people, process and technology security recommendations.
7. Maintain up-to-date knowledge related to security threats, vulnerabilities and mitigations set forth to reduce the attack surface; circulate this knowledge through the business units.
8. In conjunction with security and Conducting Officer(s), define key performance indicators (KPIs), metrics and reports.
9. Stay abreast of new laws, regulations and standards, and assess their business impact. Act as point of contact with the CSSF.
10. Review and approve risk exceptions (with the support of the Conducting Officer).
11. Support Security and Risk Audit Process and Procedures.

What ideal qualifications, skills & experience would help someone to be successful?

Required Qualifications:

1. 6-10 years cybersecurity and/or risk experience (or information technology coupled with cybersecurity).
2. Strong written and verbal communication skills across all levels of the organization.
3. Capable of working with diverse teams and promoting an enterprise-wide positive security culture.
4. High level of integrity, trustworthiness and confidence, and able to represent the company and security leadership with the highest level of professionalism.
5. Adept at understanding business focus and processes and ability to inject cybersecurity into the business through teamwork and influence.
6. Experience leading geographically distributed and culturally diverse workgroups.
7. Excellent written and verbal communication skills, French and English language fluency strongly preferred.
8. Strong organization and planning skills.
9. Strong interpersonal / relationship management skills.
10. Bachelor's degree in Computer Information Systems, Computer Science, or an equivalent combination of education, certification, and experience.

Desired Qualifications:

1. Experience in Financial Services.
2. CISSP, CRISC, CISM and/or SANS certification a plus.
3. Prior experience in a Risk, IT Engineering, Architect or Operations Service Delivery role.

Franklin Templeton is an Equal Opportunity Employer. We are committed to providing equal employment opportunities to all applicants and existing employees.