Business Information Security Officer

About Analog Devices

Analog Devices, Inc. (NASDAQ: ADI ) is a global semiconductor leader that bridges the physical and digital worlds to enable breakthroughs at the Intelligent Edge. ADI combines analog, digital, and software technologies into solutions that help drive advancements in digitized factories, mobility, and digital healthcare, combat climate change, and reliably connect humans and the world. With revenue of more than $9 billion in FY24 and approximately 24,000 people globally, ADI ensures today's innovators stay Ahead of What's Possible . Learn more at and on LinkedIn and Twitter (X).

Business Information Security Officer

PRINCIPAL DUTIES AND RESPONSIBILITIES

Relationship Management:

• Strong consulting skills with an ability to communicate with multiple departments and levels of management to resolve technical and procedural security risks.
• Ability to clearly communicate and report detailed status to senior management and peers.
• Proactively engage various stakeholders in the business unit as appropriate to get their 'buy in' for security initiatives.
• Be successful at influencing changes without direct reporting line authority.
• Reporting status of progress through scorecards at various levels of the organization, including functional score cards, management score cards, and executive score cards.

Compliance and Risk Leadership:

• Demonstrated experience in identifying, assessing, and resolving product security risks and compliance measures.
• Operate as an intermediary for various Risk and Compliance programs (Responsible AI, Cybersecurity, Internal Audit, Business Continuity, Privacy, Product Security, Security Engineering) to ensure the applicable requirements have been tailored to the organization that the BISO aligns too.
• Establish agreement and lead RACI documentation efforts for process improvements related to security and compliance management.
• Help promote training, awareness and best practices within BU operations teams with regard to needed processes and procedures to maintain a secure operating model.
• Strong project management skills with experience defining objectives, identifying resource needs, and ability to execute detailed plans towards goal completion.

Business Process Analysis:

• Ability to identify information security risks, or research and quantify risks reported by others, within de-centralized processes and then articulate and drive proper treatment of risk, including logging and managing exceptions on-going, with relevant stakeholders.
• Ability to frame business process improvement in the context of a departmental or enterprise wide view.

Sales Support:

• Review end customer contracts and provide support for deal closure within the context of what security requirements and liabilities are needed.
• Manage customer audits and RFP responses for BU

Management:

• Influence without authority, collaborate to drive a common compliance methodology and risk management methodology to support consistencies across de-centralized teams.
• Required to act as a team lead to support success of key compliance initiatives, taking the lead role, and assigning/delegating tasks across distributed teams, keeping track of cross functional milestones and deliverables, and driving timely completion in support for the business objectives to operate in a compliant manner.
• Mentoring for non-security personnel across the business.

Compliance Frameworks:

• Individual should have a thorough understanding of cyber security best practices.
• Experience with applying cyber security governance frameworks into a business process including ISO 27002, COBIT, or COSO.
• Experience with various compliance, privacy, and regulatory standards including Sarbanes-Oxley, SSAE 16, PCI-DSS, ISO 27001, HIPAA, TiSAX, CMMC, and Responsible AI frameworks and state and international privacy laws.
• Experience administering and/or auditing various information security technologies/areas including firewalls, intrusion detection, encryption, Linux O/S, Windows O/S, databases, antivirus, patch management, vulnerability scanning, backup, logging and monitoring, remote access, application development, and change management.
• Other duties as required.

SKILLS

• Exceptional verbal, written and presentation skills are required.
• Ability to manage relationships with senior executives.
• Ability to create business / project plans across business units.
• Understanding of technical concepts within security risk and compliance.
• Understanding of business concepts and business process improvement.
• Self-starter with the demonstrated ability to drive engagement and cooperation across de-centralized teams.
• A sense of urgency.
• Ability to prioritize.
• Ability to handle multiple simultaneous projects.
• Ability to articulate technical topics to non-technical personnel.
• Professional designations are preferred including: CISSP, CISM, CISA, QSA, & CRISC.

Education Required:

A Bachelors Degree in Business, CIS, MIS or related discipline is required. A Masters Degree is desirable.

Experience Required:

The successful candidate should have 10+ years experience in cyber security or technology audit. A background in consulting or public accounting at a top tier firm is desirable. Experience managing Cyber Security and compliance programs across large organizations / business units is desired.

For positions requiring access to technical data, Analog Devices, Inc. may have to obtain export licensing approval from the U.S. Department of Commerce - Bureau of Industry and Security and/or the U.S. Department of State - Directorate of Defense Trade Controls. As such, applicants for this position - except s, US Permanent Residents, and protected individuals as defined by 8 U.S.C. 1324b(a)(3) - may have to go through an export licensing review process.

Analog Devices is an equal opportunity employer. We foster a culture where everyone has an opportunity to succeed regardless of their race, color, religion, age, ancestry, national origin, social or ethnic origin, sex, sexual orientation, gender, gender identity, gender expression, marital status, pregnancy, parental status, disability, medical condition, genetic information, military or veteran status, union membership, and political affiliation, or any other legally protected group.

EEO is the Law: Notice of Applicant Rights Under the Law.
Job Req Type: Experienced

Required Travel: Yes, 10% of the time

Shift Type: 1st Shift/Days

The expected wage range for a new hire into this position is $184,000 to $253,000.

• Actual wage offered may vary depending on work location, experience, education, training, external market data, internal pay equity, or other bona fide factors.
• This position qualifies for a discretionary performance-based bonus which is based on personal and company factors.
• This position includes medical, vision and dental coverage, 401k, paid vacation, holidays, and sick time, and other benefits.