We’re BDO, a global network connected to local markets. Our people work together to provide specialist expertise, helping businesses achieve their goals and grow.

We inspire others, to go further. We create together, to reach higher. We build trust, to lead purposefully.

Whether you're building your future or starting your career – with us, you won’t do it alone. From creating solutions for our clients to building careers for our people, we shape what matters, and that’s where you come in.

Senior Manager, Information Security

The Information Security Senior Manager is a critical role within the Global Office Information Security function, operating as part of the broader Risk & Compliance team. The individual will work with the Director of Information Security to mature the operational domains of Cyber Risk, Governance, Security Risk Management, Security Compliance, and Security Assurance.

The individual should provide guidance, coordination, and leadership across the Information Security function and work closely with internal teams and external stakeholders to ensure the effectiveness, transparency, and continual improvement of the organisation’s security posture. This role is a management position with several direct reports.

Key responsibilities

Governance

- Provides oversight to the development, implementation, and continuous improvement of Global Office Information Security policies, standards, and governance frameworks.

- Drives alignment of the security governance model with organisational needs, regulatory requirements, and best‑practice industry standards, engaging with senior stakeholders.

- Translate strategic objectives into actionable operational plans across security domains.

Cyber & Security Risk Management

- Oversee the operation of our global cyber and information security risk management framework, ensuring effective identification, assessment, treatment, and monitoring of risks.

- Further develop risk‑related governance forums, providing informed recommendations to senior management.

- Ensure risk reporting is consistent, transparent, and integrated with enterprise‑wide risk processes, assisting in the development of Management Information and KPIs to senior management.

Security Compliance & Assurance

- Coordinate global compliance activities related to ISO 27001, SOC 2, and other regulatory or certification requirements, along with providing operational oversight for our assessments of BDO firms.

- Oversee internal and external audit interactions on behalf of Information Security.

- Coordinate continuous control monitoring and assurance activities between Information Security and other cross-functional leads to validate the effectiveness of security controls.

Operational Coordination

- Manage the operational workflows for Governance, Risk, Compliance, and Assurance (GRCA) functions in Information Security.

- Support, mentor, and coordinate team members delivering work across cyber risk, compliance, and assurance domains.

- Ensure cross‑functional collaboration with Global IT, HR, Legal, Privacy, and other stakeholders.

Security Improvement & Oversight

- Drive security improvement initiatives and ensure the remediation of gaps identified through risk assessments, audits, and quality reviews.

- Lead maturity assessments of security controls and capabilities.

- Support incident‑related reporting, post‑incident assurance, and root‑cause analysis where required.

Management Reporting

- Provide high‑quality reporting to senior leadership on risk, compliance, and assurance activity, including metrics, trends, and risk posture updates.

- Support preparation of materials for governance bodies and executive committees.

Qualifications, Experience, Skills

• Bachelor’s degree in information security, Information Technology, Computer Science, or a related field.
• Significant experience (typically 7+ years) in Information Security governance, risk, compliance, or assurance functions.
• Practical experience in managing security frameworks and controls within large, complex, or federated organisations.
• Experience in people management and development.
• Strong knowledge of ISO 27001, SOC 2, and global cybersecurity risk management practices.
• Experience working with GRC platforms (e.g., ServiceNow, Archer, or equivalents).
• Fluent written and spoken English. (other language skills would also be an advantage)
• Excellent communication and relationship‑building skills.
• Strong analytical capability and problem‑solving mindset.
• Ability to work independently, make informed decisions, and act as a trusted advisor.
• Proactive, organised, and comfortable with ambiguity in a global, evolving environment.

Why BDO?

We inspire others, to go further

At BDO, your ideas matter. You’re encouraged to think beyond the expected, explore new possibilities, and shape your own path. Here, you can make a meaningful impact, on your career, on your community, and on the future we build together.

We create together, to reach higher

We’re a people‑powered organisation, united by our diverse strengths and shared ambition. You’ll join a collaborative global team that values your perspective, amplifies your ideas, and supports your growth. Through global connections, shared knowledge, and opportunities for mobility, you’ll be part of something bigger: creating solutions that matter.

We build trust, to lead purposefully

Your expertise drives real outcomes at BDO. You’ll be part of an organisation that is trusted, recognised, and respected worldwide. With a strong commitment to integrity, sustainability, and positive impact, you'll be empowered to lead with purpose, both in the work you deliver, and in the communities where you live and work.

Privacy statement

The BDO network is coordinated by Brussels Worldwide Services BV (BWS). By providing personal information during the application process, you consent to BWS processing your personal data for the purpose of treating your application, evaluating your candidacy, and contacting you about the position for which you have applied. We also may process your personal data to:

• Evaluate you for any open positions throughout the BDO network.
• Generate general statistics.
• Inform you of any other job opportunities.

You also agree that we may share such data with BDO firms and service providers, if relevant to this job application.

BWS does not collect ‘sensitive’ personal information except when voluntarily provided by the candidate as part of the application.

If you voluntarily provide sensitive personal information as part of your application, you consent to the use of that information by BWS for legitimate business purposes and the transfer and storage of such information to and in BWS databases.