Divisional Business Information Security Officer, Director Job ID 207215 Posted 23-Jun-2025 Service line Corporate Segment Role type Full-time Areas of Interest Data & Analytics, Digital & Technology/Information Technology Location(s) Dallas - Texas - United States of America, Richardson - Texas - United States of America **About The Role:** As a CBRE Divisional Business Information Security Officer Director, you will serve as a trusted advisor between cybersecurity, the business, and technology teams for the assigned division. You'll facilitate effective communication and action between the teams and other critical partners (i.e. legal, risk teams, internal audit, etc.) to align security with business goals and overall success of CBRE. **What You'll Do:** + Provide regular briefings to divisional leadership on security posture, risks, and risk reduction/mitigation efforts. Drive business awareness with business and technology teams and partner on improvements. + Support and collaborate with the CISO, Global BISO, Cyber Incident Response, Security Operations Center and Client Assurance teams, in response to division-specific security incidents, coordinating with broader security, technology, legal, compliance and corporate communication teams, as needed. + Drive cyber control adoption, remediation of cybersecurity issues (audit findings, regulatory compliance items, contractual compliance issues, etc.), and cybersecurity control gaps through coordination and communication of remediation plans. + Assist the CBRE Client Assurance team with division-related client requests by providing business insights and applying your knowledge of the business to connect the team with partners. + Assist with timely development, implementation, and evolution of cybersecurity-related processes, including application registration, cyber risk evaluation, cybersecurity control self-assessment processes, and more. + Serve in a consulting function to identify relevant cybersecurity requirements (example – MFA, WAF, etc.) for projects/initiatives, in partnership with appropriate product teams and subject-matter experts. Drive the implementation of security into products and services, balancing business needs with security requirements. + Monitor cybersecurity objectives and measures and assist teams with prioritization of cybersecurity-related efforts needed to address control adoption and/or operational control deficiencies. + Educate division staff on cybersecurity standard processes, integration of cybersecurity controls, and importance of meeting targets for cybersecurity-related operational measures. + Ensure training is relevant, impactful and aligned with the specific needs of the assigned division. + Facilitate and assist with creation, delivery, evaluation and tailoring of security awareness training for employees, to reduce human-centric security risks. **What You'll Need:** To perform this job, an individual will need to perform each duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform functions. + Bachelor’s Degree in Cybersecurity, Computer Science, Information Technology, Business Administration or related subject area. + Prior experience serving as a BISO or ISO is preferred. + 3+ years in technology or as a technology partner. + 8+ years experience in one or more cyber domains (i.e. security operations, security engineering, network security, identity and access management, etc.) with executive reporting responsibilities. + 5+ years with a risk management domain (i.e. technology risk, cybersecurity risk, enterprise risk, etc.); prior experience within cybersecurity risk management is preferred. + Certifications are a plus, including ITIL, CISSP, CISM, CRISC, CISA, Cloud Security Practitioner. + Familiarity with key cybersecurity compliance standards (i.e. ISO27001, etc.), frameworks (i.e. NIST CSF, NIST 800-171, etc.), and regulations relevant to cybersecurity (i.e. DORA, GDPR, etc.). + Strong and broad understanding of cybersecurity, risk management, and technology with ability to learn technical aspects of specific technology domains, as needed. + Proven ability to build and maintain strong relationships with key stakeholders, including at the executive level, as well as with technical subject-matter experts. + Ability to assess and prioritize security risks based on their potential impact on the business. + Must be take initiative and be resourceful with ability to work independently, as well as with teams, and is eager to learn. Must be passionate about how cybersecurity and technology enable the business. + Must be proficient with MS Office suite of productivity tools as well as collaboration tools. **Why CBRE** When you join CBRE, you become part of the global leader in commercial real estate services and investment that helps businesses and people thrive. We are dynamic problem solvers and forward-thinking professionals who create significant impact. Our collaborative culture is built on our shared values — respect, integrity, service and excellence — and we value the diverse perspectives, backgrounds and skillsets of our people. At CBRE, you have the opportunity to realize your full potential. **Our Values in Hiring** At CBRE, we are committed to fostering a culture where everyone feels they belong. We value diverse perspectives and experiences, and we welcome all applications. **Disclaimers** Applicants must be currently authorized to work in the United States without the need for visa sponsorship now or in the future. **Equal Employment Opportunity:** CBRE has a long-standing commitment to providing equal employment opportunity to all qualified applicants regardless of race, color, religion, national origin, sex, sexual orientation, gender identity, pregnancy, age, citizenship, marital status, disability, veteran status, political belief, or any other basis protected by applicable law. **Candidate Accommodations:** CBRE values the differences of all current and prospective employees and recognizes how every employee contributes to our company’s success. CBRE provides reasonable accommodations in job application procedures for individuals with disabilities. If you require assistance due to a disability in the application or recruitment process, please submit a request via email at recruitingaccommodations@cbre.com or via telephone at +1 866 225 3099 (U.S.) and +1 866 388 4346 (Canada). CBRE, Inc. is an Equal Opportunity and Affirmative Action Employer (Women/Minorities/Persons with Disabilities/US Veterans)