Information Security Officer (ISO)

Owns day to day information security management for a business unit or organisation, ensuring policies are applied, exceptions are assessed, awareness is effective, and risks are tracked. This person coordinates with IT, legal, and product teams, reports meaningful metrics to leadership, and ensures incidents, suppliers, and changes meet the security baseline.