Business Information Security Officer - Finance New York, NY Posted yesterday

Business Information Security Officer - Finance Location: New York Business Area: Legal, Compliance, and Risk Ref # 10052010 Description & Requirements What’s the Role? As a Business Information Security Officer (BISO) for Finance, you will protect the confidentiality, integrity, and availability of the Finance department’s information assets. You will identify and assess security risks and vulnerabilities, enforce security policies and controls, and partner with Finance leadership to ensure a secure posture that supports business needs and critical activities while aligning with the organization’s risk appetite and regulatory obligations. This role extends beyond a traditional advisory BISO model, with end-to-end ownership of DLP and surveillance controls, including active monitoring, investigation of data events, and escalation of policy violations and high-risk activity within the Finance environment. In doing so, you serve as the accountable security control lead for Finance, responsible for ensuring controls are effective today and continuously enhancing and scaling these capabilities as business risk, workflows, and technology evolve. This position requires a leader who can operate strategically with senior stakeholders while driving operational rigor and measurable control effectiveness. We’ll Trust You To: Serve as the Business Information Security Officer (BISO) representative for the Finance organization, aligning information security strategy with business objectives, risk tolerance, and regulatory requirements Partner with Finance leadership to identify, assess, and prioritise information security risks, translating technical findings into clear business impact and actionable mitigation strategies Provide security oversight to ensure secure configuration and governance across collaboration platforms, including Microsoft 365, across single‑tenant and multi‑tenant environments Advise on secure data sharing practices for highly sensitive financial, regulatory, and strategic data across internal teams and third parties Lead and support risk assessments and security reviews for Finance systems, workflows, and third‑party vendors, and effectively and succinctly communicate identified risks, recommended mitigation strategies, or formal risk acceptance requirements to business leadership for decision and implementation Oversee and administer Data Loss Prevention (DLP) and surveillance controls, including policy tuning and alert review to reduce risk of data exfiltration and policy violations Investigate data events and potential incidents, escalatie high‑risk findings to appropriate leadership and drive remediation to closure Review and interpret security monitoring logs, alerts, and metrics to identify trends, emerging risks, and control gaps Collaborate cross‑functionally with Security, Technology, Legal & Compliance, Risk and Finance stakeholders to provide cohesive security support to the Finance secure environment Synthesize complex datasets (e.g. metrics, event trends, audit findings) into actionable insights using Excel, Qlik, or similar dashboarding tools, and present findings in a concise, executive‑ready format Create tailored cybersecurity trainings and tabletop sessions for the Finance population Deliver concise, executive‑ready reporting and presentations that clearly articulate risk exposure, control effectiveness, and recommended remediation strategies Provide security oversight when introducing new business workflows, including SaaS applications and/or AI tools, ensuring appropriate risk assessment and control implementation prior to deployment, in partnership with Security, Technology, and Risk teams as appropriate You’ll Need To Have: Experience in information security, technology risk, or cyber risk management, preferably within a financial services or highly regulated environment Strong understanding of Microsoft 365 architecture, including identity and access management, tenant configurations (single and multi‑tenant models), and secure collaboration controls Experience implementing or governing secure cloud collaboration environments at scale Hands‑on experience with DLP technologies, surveillance programs, data classification frameworks, and secure data handling practices Experience conducting and documenting risk assessments, control testing, and gap analyses Familiarity with security monitoring, log analysis, and incident response processes Demonstrated ability to work across business, technology, and security stakeholders to influence risk‑based decisions Strong analytical skills with the ability to synthesize large data sets using Excel, Qlik, or similar reporting tools Excellent written and verbal communication skills, with the ability to present complex risk concepts clearly to senior business leaders Ability to balance multiple projects at once, prioritize work, develop and communicate timelines Ability to excel at working in fast‑paced environment both independently and collaboratively with the broader teams Strong analytical and creative problem‑solving skills with the ability to develop innovative data driven solutions that address business needs Strong attention to detail Ability to balance multiple projects at once, prioritize work, develop and communicate timelines We’d Love To See: Professional certifications such as CISSP, CISM, or similar Experience supporting Finance, Treasury, or Regulatory Reporting functions Knowledge of financial regulations impacting data protection and record‑keeping (e.g. SOX, SEC, FINRA, DORA or global equivalents) Background in surveillance monitoring programs or insider threat risk management A proactive, solutions‑oriented mindset with a strong sense of ownership and accountability Advanced systems experience: SQL databases, Python Salary Range = 215,000 - 290,000 USD Annual + Benefits + Bonus The referenced salary range is based on the Company's good faith belief at the time of posting. Actual compensation may vary based on factors such as geographic location, work experience, market conditions, education/training and skill level. We offer one of the most comprehensive and generous benefits plans available and offer a range of total rewards that may include merit increases, incentive compensation (exempt roles only), paid holidays, paid time off, medical, dental, vision, short and long term disability benefits, 401(k) +match, life insurance, and various wellness programs, among others. The Company does not provide benefits directly to contingent workers/contractors and interns. Discover what makes Bloomberg unique - watch our for an inside look at our culture, values, and the people behind our success. Bloomberg is an equal opportunity employer and we value diversity at our company. We do not discriminate on the basis of age, ancestry, color, gender identity or expression, genetic predisposition or carrier status, marital status, national or ethnic origin, race, religion or belief, sex, sexual orientation, sexual and other reproductive health decisions, parental or caring status, physical or mental disability, pregnancy or parental leave, protected veteran status, status as a victim of domestic violence, or any other classification protected by applicable law. Bloomberg is a disability inclusive employer. Please let us know if you require any reasonable adjustments to be made for the recruitment process. If you would prefer to discuss this confidentially, please email View email address on click.appcast.io #J-18808-Ljbffr Bloomberg L.P.