If you are an internal associate, please login to Workday and apply through Jobs Hub. Job Purpose The Information Security Business Manager (ISBM) serves as the primary relationship manager between JFI's organizational structure and the Jackson Information Security & Privacy (JISP) team. The ISBM functions as the security leader within their area of responsibility and partners with management on Information Security & Privacy related projects and issues. The position is both hands-on and strategic, requiring working knowledge of multiple related disciplines as well as the business units they are aligned with. This position works with business management to anticipate Information Security and Privacy related needs and is proactive in communicating business objectives, issues, and impacts from their business units to JISP and associated leadership. The ISBM is responsible for establishing and driving a business-aligned Information Security program focused on assisting the assigned business unit management in identifying and addressing risks while also ensuring compliance with JISP requirements. The ISBM serves as the trusted advisor and advocate to both the business and to JISP. This role will liaise between the business and Information Security, keeping clear lines of communication while assisting with business area compliance with the related Policies and Standards by facilitating continuous monitoring and reporting on risks, controls, and documented exceptions per the Information security control framework. Essential Responsibilities Coaches and provides sound Information Security direction, advice and consultation to business groups. Facilitates control assessments over Information Security management controls. Facilitates implementation of appropriate access using knowledge of business roles and assists management with performing regular access certifications. Serves as primary point of contact for businesses, functions, or affiliates for Information Security & Privacy. Proactively engages the businesses to identify, document and drive remediation of risks by working with the business to design, implement or otherwise improve control activities to achieve Information Security objectives. Supports Data Protection program within each of the business units assigned, including unstructured data classification activities. Helps ensure significant risk and associated control deficiencies are escalated to JISP and Business Leadership for information or action. Participates in the identification of Information Security Training and Awareness needs assessment on a regular basis and supports implementation of Information Security Training and Awareness plan and associated activities. Works with the business to ensure appropriate communication channels are in place, and provides Information Security related updates to business, function, or affiliates as appropriate. Ensures stakeholders understand the state of the controls they are accountable for and understand their responsibilities as to risk mitigation and remediation. Assists the business by providing direction on process improvements, remediating control gaps, and enhancing current tools for reducing the overall information security risk profile. Advises the business on security policies and standards to achieve security objectives and reduce the likelihood and impact of security risks. Liaises and helps facilitate internal audit, external audit and compliance review of security activities employed by the business. Plans and coordinates Information Security projects and initiatives within the business according to established plans and timelines. Advocates for the business to JISP by providing visibility to potential business impacts and appropriate resolution of issues to minimize impact to the business. Works to ensure monitoring and tracking of state and federal regulations pertinent to information security and privacy within the assigned business area(s). Assists the coordination of vendor security diligence reviews with the business. Supports and coordinates investigation and response, as appropriate of information security incidents for area of focus. Represents the business function, or affiliate during development and update of Information Security policies and standards. Identifies, develops, and maintains supplemental standards and procedures unique to the area of focus. Educates management of potential risks associated with a business decision and communicates the likelihood and impact of those decisions, so management can fully quantify those risks and determine tolerance levels. Coordinates the understanding and reporting on the overall information security risk posture of the business unit, providing a holistic view of vulnerabilities and associated risks to the business and Information Security. Leads regular meetings with assigned business unit management to cover pertinent security topics. Works in a collaborative environment with the security organization, participating in other security initiatives as needed. Focuses on delivering business value from the information security program. Collaborates with IT teams to ensure business driven prioritization and implementation of designed security controls. Promotes the culture of risk management and awareness. Ability to travel as often as one week per month. Performs other duties and/or projects as assigned. Knowledge, Skills and Abilities Working knowledge of multiple Information Security and Privacy disciplines, practices and standards. Comprehensive knowledge and understanding of business unit functions, strategic objectives, and goals from an Information Security viewpoint and perspective. Excellent consulting and critical thinking skills. Excellent client management and business literacy skills. Strong interpersonal, negotiation and leadership skills. Excellent verbal and written communication skills. Ability to develop strong trusting relationships in order to gain support and achieve results. Strong organizational skills and ability to support multiple business units in multiple locations, with travel as required. Take initiative to identify and anticipate client needs, business impact and make recommendations for implementation. Ability to influence others and shape/obtain desired outcome in areas outside of direct control. Results oriented, able to achieve desired outcomes independently and at appropriate priority levels. Business acumen to engage business process owners within assigned areas. Knowledge of risk assessment procedures. Familiarity with audit testing and control methodologies. Ability to effectively communicate technical and non-technical issues both verbally and in writing. Excellent analytical and problem-solving skills. Qualifications Bachelor's Degree or equivalent experience required. 5 years Systems or IT Related Experience required. Information Security experience required. 2 years Business or Financial Services Experience preferred. Experience working with vendors and third-party service providers preferred. CISSP Certified Information Systems Security Professional Or able to obtain within 1 year preferred. Certified Information Security Manager (CISM) preferred. We don't just accept difference - we celebrate it, we support it, and we thrive on it for the benefit of our employees, our products and our community. Jackson is proud to be an equal opportunity workplace. The Company subscribes to and endorses federal and state laws and regulations relating to equal employment opportunity for all persons without regard to race, color, religion, gender, age, national origin, legally-recognized disability, marital status, legally-protected medical condition, citizenship, ancestry, height, weight, sexual orientation, veteran status, or any other factor not related to the needs of the job. The Company is committed to a policy of equal opportunity. Company facilities and campuses are tobacco-free environments. At Jackson, our employees are empowered to bring a fresh perspective, confront new challenges, and define their own career paths. We value the unique perspectives and innovative ideas that come from our employees' diverse backgrounds. Jackson is the marketing name for Jackson National Life Insurance Company (Home Office: Lansing, Michigan) and Jackson National Life Insurance Company of New York (Home Office: Purchase, New York). Jackson National Asset Management, LLC (JNAM) located in Chicago, Illinois, is an SEC-registered investment adviser and Jackson subsidiary. Annuities are distributed by Jackson National Life Distributors LLC, Member FINRA. Jackson companies offer an outstanding benefits package including competitive pay, bonuses, comprehensive health insurance benefits, a matching 401(k) retirement plan, adoption assistance, education matching gift program and dependent tuition program. Online applications requested. Contact human.resources@jackson.com for alternate formats for accommodation. To learn more about Jackson's financial strength and results, visit jackson.com.