1

Biso Jobs (NOW HIRING)

Position Overview Provides reporting, analytics, and portfolio management support to the BISO organization through the development of executive dashboards, performance metrics, and project reporting.

next page

Showing results 1-20

Biso information

See salary details

$36.5K

$89K

$156.5K

How much do biso jobs pay per year?

As of Jul 15, 2026, the average yearly pay for biso in the United States is $88,983.00, according to ZipRecruiter salary data. Most workers in this role earn between $55,500.00 and $130,500.00 per year, depending on experience, location, and employer.

What is a biso vs CISO?

A BISO (Business Information Security Officer) is responsible for aligning cybersecurity strategies with business goals and managing security risks at the operational level. A CISO (Chief Information Security Officer) holds a senior executive role overseeing the entire organization's security program, policies, and compliance. Both roles require strong security knowledge, but the CISO typically has broader strategic and leadership responsibilities.

What is the difference between Biso vs Data Analyst?

AspectBisoData Analyst
Required CredentialsTypically a diploma or certification in business or financeBachelor's degree in statistics, data science, or related field
Work EnvironmentOffice settings, financial institutions, or corporate environmentsOffice or remote, working with data sets and reporting tools
Industry UsageFinance, banking, and business sectorsTechnology, marketing, healthcare, and finance
Common Search/ComparisonOften compared for roles involving business operations and data handlingMore focused on data analysis and interpretation

The main difference between a Biso and a Data Analyst lies in their focus and skill set. Biso roles typically emphasize business operations and financial processes, requiring certifications in business or finance. Data Analysts focus on analyzing data, requiring skills in statistics and data tools. While both work with data, Biso professionals are more involved in business decision support, whereas Data Analysts interpret data to inform strategies.

What is a biso role?

A Biso role typically refers to a position within a company or organization, often related to specific operational or technical responsibilities. The exact duties depend on the industry and context, but it may involve tasks such as project coordination, technical support, or administrative functions. Relevant skills often include communication, organization, and familiarity with industry-specific tools or processes.

How much does a CISO get paid?

A Chief Information Security Officer (CISO) typically earns between $150,000 and $250,000 annually, with salaries varying based on company size, industry, and experience. CISOs often hold advanced certifications like CISSP and have extensive cybersecurity management experience, which can influence compensation.

What are the key skills and qualifications needed to thrive as a Business Information Security Officer (BISO), and why are they important?

To thrive as a Business Information Security Officer (BISO), you need a solid background in information security, risk management, and a relevant degree such as computer science or cybersecurity, often complemented by certifications like CISSP or CISM. Familiarity with security frameworks (such as NIST or ISO 27001), incident response tools, and governance, risk, and compliance (GRC) systems is typically required. Strong communication, relationship-building, and strategic thinking skills help BISOs bridge gaps between IT security and business objectives. These skills are critical for aligning security initiatives with business needs, protecting organizational assets, and ensuring regulatory compliance.

What is the salary of a biso?

The salary of a Biso varies depending on the industry, location, and experience level. Typically, Biso roles may offer hourly wages or annual salaries within the entry to mid-level range, often supplemented by benefits and opportunities for skill development. Exact figures can be found through specific job postings or industry salary surveys.

What are the main responsibilities and challenges faced by a Business Information Security Officer (BISO) in supporting both business objectives and cybersecurity initiatives?

A Business Information Security Officer (BISO) acts as a bridge between the cybersecurity team and business units, ensuring that security strategies align with business goals. Their key responsibilities include assessing security risks, advising on compliance, and facilitating the integration of security measures into business processes. One common challenge is balancing the need for robust security controls with the business's desire for agility and innovation. BISOs often collaborate closely with IT, compliance, and executive leadership, requiring excellent communication and negotiation skills. This role provides opportunities for career growth into senior security leadership or broader risk management positions.

What are BISO roles and what do they do?

BISO stands for Business Information Security Officer. A BISO acts as a bridge between an organization’s business units and its information security team. They are responsible for ensuring that security strategies align with business objectives, managing business-specific security risks, and promoting a culture of security awareness within their assigned unit. BISOs often work closely with executives, IT teams, and compliance officers to implement security policies, respond to incidents, and ensure regulatory compliance.
What cities are hiring for Biso jobs? Cities with the most Biso job openings:
What are the most commonly searched types of Biso jobs? The most popular types of Biso jobs are:
What states have the most Biso jobs? States with the most job openings for Biso jobs include:
Infographic showing various Biso job openings in the United States as of July 2026, with employment types broken down into 100% Full Time. Highlights an 80% In-person, and 20% Hybrid job distribution, with an average salary of $88,983 per year, or $42.8 per hour.
Cybersecurity Business Information Security Officer (BISO)

Cybersecurity Business Information Security Officer (BISO)

Bechtel

Reston, VA • On-site, Remote

Full-time, Part-time

Medical, Dental, Vision, Retirement, PTO

Posted 13 days ago


Bechtel rating

8.0

Company rating: 8.0 out of 10

Based on 63 frontline employees who took The Breakroom Quiz

152nd of 369 rated engineering


Job description

Requisition ID:  292702

  • Relocation Authorized:  None
  • Telework Type: Part-Time Telework 
  • Work Location: Reston, VA, Houston, TX
  • For Reston, VA position: Salary Range: $ 168,900 - $ 244,300 annually (salary range is based on market data; final salary offered is determined by education, experience, and qualifications of the applicant.)
Extraordinary teams building inspiring projects:

Since 1898, we have helped customers complete more than 25,000 projects in 160 countries on all seven continents that have created jobs, grown economies, improved the resiliency of the world's infrastructure, increased access to energy, resources, and vital services, and made the world a safer, cleaner place. 

Differentiated by the quality of our people and our relentless drive to deliver the most successful outcomes, we align our capabilities to our customers' objectives to create a lasting positive impact. We serve the Infrastructure; Nuclear, Security & Environmental; Energy; Mining & Metals, and the Manufacturing and Technology markets. Our services span from initial planning and investment, through start-up and operations. 

Core to Bechtel is our Vision, Values and Commitments. They are what we believe, what customers can expect, and how we deliver. Learn more about our extraordinary teams building inspiring projects in our Impact Report. 

Job Summary:

Reporting to the Manager of Business Engagement, the Cybersecurity Business Information Security Officer – BISO, serves as the primary interface between Bechtel’s Global Business Units (GBUs) and the enterprise cybersecurity organization. The role ensures cybersecurity strategy, risk management, and assurance activities are embedded into business operations, engineering delivery, and project execution. The role is accountable for proactively identifying, assessing, and managing cybersecurity risks within the business; providing assurance that controls meet Bechtel policies, standards, and regulatory obligations; and ensuring alignment with evolving business, customer, and regulatory cybersecurity requirements. Enables secure innovation, facilitates technology adoption, and leads cybersecurity risk posture and assurance.

*This position can be based in Reston, VA or Houston, TX.

Major Responsibilities:

Risk Management & Assurance:

Serves as the primary cybersecurity risk advisor to assigned GBU’s, ensuring cyber risks are proactively assessed and managed in alignment with Bechtel’s risk appetite. 

Owns and oversees the GBU cybersecurity risk posture, ensuring appropriate governance, assurance, audit readiness, and compliance. 

Drives and aligns cybersecurity risk assessments for business processes, digital engineering platforms, cloud solutions, AI initiatives and third-party integrations. 

Ensures remediation plans for identified risks are clearly defined, tracked, and executed. 

Supports internal and external audits, regulatory reviews, and customer-driven cybersecurity assessments. 

Partners with Third-Party Risk Management to assess and manage cybersecurity risks associated with suppliers, joint ventures, subcontractors, and strategic partners. 

Business Alignment & Secure Enablement:

Acts as the primary bridge between business leadership and cybersecurity, ensuring security priorities align with business objectives, project delivery timelines, and regulatory obligations. 

Advises business stakeholders through IT and digital intake processes as it relates to cybersecurity, including review of technical documentation and facilitation of cybersecurity and enterprise architecture reviews for new and changed technologies. 

Works directly with GBU leadership to understand customer-driven, contract-driven, and regulatory cybersecurity requirements in the regions and sectors they operate. 

Translates business requirements into clear cybersecurity needs and work with central cybersecurity teams to ensure alignment, feasibility, and timely delivery of controls. 

Enables the secure adoption of emerging technologies (e.g., cloud platforms, digital engineering solutions, data analytics, AI, and OT systems) while maintaining appropriate risk management and assurance. 

Advisory, Communication & Change Leadership:

Advises business leaders, project teams, and functional stakeholders on cybersecurity requirements, risk considerations, and best practices. 

Serves as GBU POC and coordinates incident response activities within Cyber Defense Center. 

Promotes a culture of shared accountability for cybersecurity risk and operational resilience. 

Provides leadership with tailored dashboards, metrics, and reports on cybersecurity risk posture, trends, compliance status, and assurance outcomes. 

Acts as a change ambassador, supporting business units through technology and process changes while maintaining resilience and delivery commitments.

Education and Experience Requirements:

Requires bachelor’s degree in a relevant discipline plus 8 years progressive experience in information security, cybersecurity, or risk management roles - including 2 years working directly with business units or in a liaison role aligning technology and business objectives.

Prefer 3-5 years’ experience in governance, risk, compliance, or regulated environments (e.g., FIMSA, GBLA, export controls, or large-scale infrastructure programs).

Required Knowledge and Skills:

Demonstrated experience in stakeholder engagement and executive-level communication, with the ability to influence InfoSec/Cyber/Assurance outcomes across complex, matrixed organizations. 

Experience with industry-recognized frameworks and standards such as NIST, ISO/IEC 27001/27002, CSA, or equivalent. 

Demonstrated experience driving proactive identification and mitigation of cybersecurity risks within business and project delivery environments. 

Experience managing or influencing enterprise-level initiatives, including application portfolios, digital platforms, and IT intake and governance processes. 

Demonstrated project and program management skills. 

Prefer Project Management Professional (PMP) Certification or formal Project Management training. 

Prefer Certified Information Systems Security Professional (CISSP). 

Prefer Certified Information Security Manager (CISM).

Total Rewards/Benefits:

For decades, Bechtel has worked to inspire the next generation of employees and beyond! Because our teams face some of the world's toughest challenges, we offer robust benefits to ensure our people thrive.  Whether it is advancing careers, delivering programs to enhance our culture, or providing time to recharge, Bechtel has the benefits to build a legacy of sustainable growth. Learn more at Bechtel Total Rewards

Diverse teams build the extraordinary:

As a global company, Bechtel has long been home to a vibrant multitude of nationalities, cultures, ethnicities, and life experiences. This diversity has made us a more trusted partner, more effective problem solvers and innovators, and a more attractive destination for leading talent.

We are committed to being a company where every colleague feels that they belong-where colleagues feel part of "One Team," respected and rewarded for what they bring, supported in pursuing their goals, invested in our values and purpose, and treated equitably. Click here to learn more about the people who power our legacy.

At Bechtel, our employees enjoy a competitive total rewards package that includes comprehensive medical, dental, and vision plans, along with optional disability and supplemental insurance options, generous paid time off (160 hours annually, accrued 6.16 hours per pay period), nine paid holidays, paid parental leave, discretionary bonuses, and a well-designed 401K plan with matching and profit-sharing components

Bechtel is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, age, national origin, disability, citizenship status (except as authorized by law), protected veteran status, genetic information, and any other characteristic protected by federal, state or local law. Applicants with a disability, who require a reasonable accommodation for any part of the application or hiring process, may e-mail their request to acesstmt@bechtel.com


What Bechtel employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom