Recruitment – Position: Country BISO

Recruitment – Position: Country BISO

Position: Country BISO.

This document defines the skills required to perform the responsibilities of a Country BISO and serves as a guide in fulfilling his/her responsibilities:

A Country Business Information Security Officer (BISO) is accountable for all IS activities including but not limited to oversight the IS Risk Management to the Franchise and its processes.

Reports to a business manager with a matrix line to a GISO.

BISO Profile

  1. Master in IS/IT related area preferable.
  2. At least 5 years’ experience in IS and at least 2 IS programs including, but not limited to, Audit Reviews, IS Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Incident Management, Vulnerability Assessment.
  3. Knowledge of key government regulations and local laws.


  1. Excellent consulting and problem solving skills.
  2. Able to convey ideas to senior management and staff.
  3. Advanced IT technical knowledge.
  4. In depth knowledge of IS programs.
  5. Advanced presentation skills, program management, and relationship management skills.
  6. Able to work with senior business management to implement IS strategy.

IS Certification

Minimum one encouraged (CISSP, CISM, or CISA)

Main responsibilities:

  1. Ensures alignment of IS program with business strategy.
  2. Drives constructive procedural changes to ensure effective risk-based implementation of IS requirements.
  3. Summarizes the IS status to the business in business terms.
  4. Oversees compliance with all business IS program elements, policies, standards, and guidelines; e.g., CISS.
  5. Establishes relationships with business managers and is consulted as a subject matter expert in multiple areas.
  6. Participates in sector-level and corporate-level governance or program processes / committees to provide adequate representation for some aspect of program management. E.g., ISRA Working Group, TPISA Working Group.
  7. Proactively manages risk and control through the identification, escalation, and solution development for compliance and audit issues including direct interaction and coordination with internal control officers.



No Comments

Sorry, the comment form is closed at this time.

Call CIO Vietnam Team