BUSINESS INFORMATION SECURITY OFFICER (BISO) at The Kroger Co. in Blue Ash, Ohio

Job Description:

Serve as the cybersecurity primary point of contact for the assigned business area and supports the implementation of the cybersecurity program. Serve as a security leader for area of responsibility and work closely with the CISO (Chief Information Security Officer). Enable the successful adoption of the enterprise s cybersecurity strategy and strategically supports the enablement and education of associates within assigned business area. Serve as interface between Kroger s cybersecurity organization, business leadership, technology-focused analysts, engineers and administrators. Demonstrates the company s core values of respect, honesty, integrity, diversity, inclusion and safety.From one tiny Cincinnati grocery store more than a century ago, we've grown into what today is the nation's largest grocer with nearly 2,800 stores in 35 states operating under 28 different names. As America's grocer, we take pride in bringing diverse teams with a passion for food and people together with one common purpose: To Feed the Human Spirit. With a history of innovation, we work tirelessly to create amazing experiences for our customers, communities AND each other, with food at the heart of it all.

Here, people matter. That's why we strive to provide the ingredients you need to create your own recipe for success at work and in life. We help feed your future by providing the value and care you need to grow. If you're caring, purpose-driven and hungry to learn, your potential is unlimited.

Whether you're seeking a part-time position or a new career path, we've got a fresh opportunity for you. Apply today to become part of our Kroger family!Minimum
- Bachelor's Degree computer science, information technology, engineering or information systems
- Any experience in Agile methodology
- Any experience in management consulting or equivalent experience of engaging strategically with senior business stakeholders
- Any extensive experience engaging senior leadership
- 10+ years cybersecurity or equivalent IT experience
- Strong communications skills and ability to work across multiple business areas in concert with the cybersecurity organization
- Cybersecurity certifications with demonstrated application of learned concepts: (ISC)2 CISSP (Certified Information Systems Security Professional)
- Strong relationship, team building and facilitation skills

Desired
- 2+ years of experience supporting and implementing OT security technology and processes for a Fortune 500 company- Surface potential risks within assigned business areas to the CISO
- Help execute the security program in partnership with business and cybersecurity leadership to identify and remediate risks in line with security requirements
- Collaborate with CISO to determine additional cybersecurity software or capabilities required for assigned business area; provide input on budgetary impact of recommended resources
- Propose changes to CISO on policies / procedures to ensure business enablement and regulatory compliance
- Translate information security policies into business practices
- Understand business requirements for respective areas and ensure alignment with cybersecurity programs
- Provide feedback to cybersecurity organization on security successes and learnings in the business
- Help business area leaders understand if and why policies are not being followed and help identify solutions
- Support CISO, IT and business stakeholders to define metrics and reporting strategies to effectively articulate progress of security program within assigned business
- Support strategic cybersecurity initiatives and improve field security awareness via training/campaigns
- Participate in requisite governance forums; ensure unresolved items of assigned business areas are discussed for resolution
- Provide input to incident response plans for business area as needed
- Pressure test and support cybersecurity organization and HR and Communications teams in developing relevant and targeted trainings and awareness campaigns
- Help deliver targeted trainings to stakeholders within business areas as required
- Act as a thought-partner with business leadership and cybersecurity organization to improve adoption of policies by proactively address cybersecurity awareness gaps
- Must be able to perform the essential job functions of this position with or without reasonable accommodation