Senior InfoSec Advisor (Comm Tech & Data/AI)

About the role

The Sr. Cybersecurity Business Advisor (CBA) serves as a strategic interface between the Cybersecurity Advisory function and key business units. This role ensures cybersecurity considerations are embedded into business decisions, technology initiatives, and operations by aligning security priorities with organizational goals. The CBA helps drive a culture of security awareness, risk informed decision making, and collaborative cyber governance.

Role Responsibilities Strategic Alignment & Business Enablement

• Serve as the primary cybersecurity point of contact for assigned business units
• Understand the strategic goals and operations of business partners and translate them into cybersecurity requirements
• Facilitate integration of security into business projects, change initiatives, and digital transformations

Risk Identification & Advisory

• Partner with business and IT leaders to identify and assess cyber risks and regulatory impacts
• Provide risk informed recommendations that balance security and business enablement
• Support internal risk reviews, control design, and service coordination

Cybersecurity Governance & Enablement

• Support the refinement and implementation of cybersecurity policies, standards, and control frameworks (e.g., NIST CSF, CIS Control Framework)
• Track and report on key cybersecurity metrics, issues, and risk trends to business stakeholders
• Participate in cyber steering committees, program reviews, and audit discussions

Awareness & Advocacy

• Promote cybersecurity awareness and secure behaviors within business units
• Champion the adoption of cybersecurity best practices in business operations and vendor management
• Partner with enterprise training teams to deliver tailored education sessions

Basic Qualifications

• 10+ years of experience in cybersecurity, risk management, or IT governance
• Strong business acumen and experience working with functional leaders in areas such as R&D, Supply Chain, Commercial, Finance, and Legal
• Familiarity with cybersecurity frameworks and regulatory environments (e.g., NIST CSF, ISO 27001, GDPR, SOX, HIPAA)
• Excellent communication, stakeholder management, and influence skills

Preferred

• Experience in large enterprises within regulated industries (e.g., financial services, healthcare, pharma, manufacturing)
• Demonstrated success in driving cybersecurity improvements through business collaboration
• Ability to manage competing priorities and adapt in a dynamic environment
• Cybersecurity certifications such as CISM, CISSP, CRISC, or CCSP

Equal Opportunities

Haleon are committed to mobilising our purpose in a way that represents the diverse consumers and communities who rely on our brands every day. It guides us in creating an inclusive culture, where different backgrounds and views are valued and respected - all in support of understanding and best serving the needs of our consumers and unleashing the full potential of our people. It's important to us that Haleon is a place where all our employees feel they truly belong.

During the application process, we may ask you to share some personal information, which is entirely voluntary. This information ensures we meet certain regulatory and reporting obligations and supports the development, refinement, and execution of our inclusion and belonging programmes that are open to all Haleon employees.

The personal information you provide will be kept confidential, used only for legitimate business purposes, and will never be used in making any employment decisions, including hiring decisions.