Business Information Security Officer (BISO)

As the Business Information Security Officer (BISO) - India at Gallagher, you will be responsible for managing the Gallagher Cyber Information Security (GCIS) program for the Indian region. Your main tasks will include identifying, evaluating, and reporting on information security risks across all Gallagher divisions in India to meet compliance and regulatory requirements. You will work closely with various stakeholders such as IT Directors, Senior Business Leaders, and GCIS colleagues globally to ensure effective security measures are in place. **Key Responsibilities:** - Develop and prioritize the information security strategy and roadmap for India aligning with the GCIS security strategy. - Monitor and manage security incidents, vulnerabilities, and threats affecting Indian divisions, coordinating with global security teams for response and remediation. - Ensure compliance with laws, regulations, and contractual requirements related to information security in India. - Conduct security risk assessments and audits, identify and mitigate potential security risks. - Lead the implementation of security policies, standards, and procedures in India. - Manage the security budget for India efficiently. - Represent India in security governance forums and ensure alignment with regional security strategy. - Manage time-sensitive due diligence security audits and questionnaires for brokerage clients. - Ensure business suppliers and IT supply chain vendors do not introduce risk to Gallagher. - Participate in the Merger and Acquisition process with external companies, lawyers, and security consultants. **Qualifications Required:** - Bachelor's degree in computer science, information systems, or related field; master's degree preferred. - 8-10 years of information security experience, with 5 years in a leadership role. - Strong knowledge of security frameworks and standards like ISO 27001, NIST, PCI-DSS, and GDPR. - Experience in managing security incidents and crises. - Excellent communication and stakeholder management skills. - Familiarity with security technologies and cloud security. - Relevant certifications such as CISSP, CISM, or CRISC are preferred. - Lead auditor experience in ISO27001 preferred. At Gallagher, inclusion and diversity are core values embedded into the organization's fabric. Embracing employees" diverse identities, experiences, and talents allows the company to better serve clients and communities. Gallagher sees inclusion as a conscious commitment and diversity as a vital strength, reflecting "The Gallagher Way" to the fullest. The company extends equal employment opportunities and makes reasonable accommodations for qualified individuals with disabilities.,