Business Info Security Officer

May 29, 2026

<h2 class="jdheading"> What You'll Do</h2> We’re looking for a Business Info Security Officer to join our team. In this role, you’ll be responsible for managing and leading information security objectives and processes in partnership with BISO II, with a significant focus on articulating and presenting our security strategy, controls, and risk posture to clients, advisors, and other external stakeholders. Our BISO’s play a key role in governance of our information security program at Principal; your voice makes an impact! Key responsibilities include: <ul style="margin-top: 0in;"><li>Advise business area management and corporate information security on industry developments in information security, technology, security issues and legislation that impacts the SCBU, and translate those developments into clear, audience-appropriate messaging for clients and advisors.</li><li>Develop and maintain working relationships with SCBU compliance, risk management, audit, privacy, fraud areas.</li><li>Identify risks and issues and participate in risk assessments with corporate information security, bringing an information security lens to complex business unit initiatives.</li><li>Review policies, standards and guidance and other key documents associated with our information security program and actively participate in information security governance as part of the Information Security Steering Group.</li><li>Provide input on information security reporting and metrics, as well as to the business function, including project status, issues or funding issues, and synthesize this information into compelling presentations and talking points for client and advisor discussions.</li><li>Represent on incident response processes which may include incident response planning and management of security incidents and events to protect IT assets.</li><li>Responsible for oversight of business area compliance with information security policies and procedures, including but not limited to identity and access management, education and awareness, software security, patch management, data loss protection and overall business unit assessment of IT risk.</li><li>Partner with business unit subsidiaries, joint ventures, partnerships, and other external relationships to communicate security expectations, explain our security program, and build confidence in secure communications and transactions with clients and advisors.</li><li>Serve as a visible security spokesperson for the business by presenting our security strategy, control environment, and risk management approach to clients, advisors, and key external customers in a clear, credible, and business-relevant manner.</li><li>Travel is expected in this role, including periodic travel for internal meetings and external client or advisor-facing engagements.</li></ul> Operating at the intersection of financial services and technology, Principal builds financial tools that help our customers live better lives. We take pride in being a purpose-led firm, motivated by our mission to make financial security accessible to all. Our mission, integrity, and customer focus have made us a trusted leader for more than 140 years. <h3 class="jdheading">Who You Are</h3> <ul style="margin-top: 0in;"><li>You have a Bachelor's degree in computer related field or equivalent experience plus at least 8 years of experience as an IT professional</li><li>You have a strong understanding of business principles and business language, with the ability to tailor security messaging for clients, advisors, and executive audiences.</li><li>You are able to effectively communicate information security principles, strategy, and control effectiveness with all levels of employees, as well as present confidently to clients, advisors, and senior external stakeholders.</li><li>You have the ability to align security strategy with business strategy and convert complex security concepts into concise, trust-building narratives and presentation materials for non-technical audiences.</li><li>You understand multiple info security domains and have depth in a few of those domains (examples could include data protection, governance, cyber defense, application security, or others)</li><li>You have strong leadership & decision-making ability</li></ul><h2>Skills That Will Help You Stand Out </h2><ul style="margin-top: 0in;"><li>CISSP or CISM preferred</li><li>Demonstrated executive presence, strong presentation skills, and experience representing security, risk, or compliance topics in client-facing or advisor-facing settings preferred.</li></ul> <h2 class="jdheading">Salary Range Information</h2> Salary ranges below reflect targeted base salaries. Non-sales positions have the opportunity to participate in a bonus program. Sales positions are eligible for sales incentives, and in some instances a bonus plan, whereby total compensation may far exceed base salary depending on individual performance. Actual compensation for all roles will be based upon geographic location, work experience, education, licensure requirements and/or skill level and will be finalized at the time of offer. <h3 class="jdheading">Salary Range (Non-Exempt expressed as hourly; Exempt expressed as yearly)</h3> $141000 - $191000 / year <h3 class="jdheading">Time Off Program</h3> Flexible Time Off (FTO) is provided to salaried (exempt) employees and provides the opportunity to take time away from the office with pay for vacation, personal or short-term illness. Employees don’t accrue a bank of time off under FTO and there is no set number of days provided. <h3 class="jdheading">Pension Eligible</h3> Yes <h2>Work Environments</h2>This role offers in-office, hybrid (blending at least three office days in a typical workweek), and remote work arrangements (only if residing more than 30 miles from Des Moines, IA, Charlotte, NC, and Raleigh, NC). You’ll work with your leader to figure out which option may align best based on several factors.<h2>Work Authorization/Sponsorship</h2>At this time, we're not considering applicants that need any type of immigration sponsorship (additional work authorization or permanent work authorization) now or in the future to work in the United States. This includes, but IS NOT LIMITED TO: F1-OPT, F1-CPT, H-1B, TN, L-1, J-1, etc. For additional information around work authorization needs please use the following links.<a href="https://www.uscis.gov/working-in-the-united-states/temporary-nonimmigrant-workers" target="_blank" rel="noopener">Nonimmigrant Workers</a> and <a href="https://www.uscis.gov/green-card/green-card-eligibility/green-card-for-employment-based-immigrants" target="_blank" rel="noopener">Green Card for Employment-Based Immigrants</a><h2>Investment Code of Ethics</h2>For Principal Asset Management positions, you’ll need to follow an Investment Code of Ethics related to personal and business conduct as well as personal trading activities for you and members of your household. These same requirements may also apply to other positions across the organization.<h2>Experience Principal</h2>At Principal, we value connecting on both a personal and professional level. Together, we’re imagining a more purpose-led future for financial services – and that starts with you. Our success depends on the unique experiences, backgrounds, and talents of our employees. And we support our employees the same way we support our customers: with comprehensive, competitive benefit offerings crafted to protect their physical, financial, and social well-being. Check out our <a href="https://www.principal.com/about-us/careers" target="_blank" rel="noopener">careers site</a> to learn more about our purpose, values and benefits.<h2>Principal is an Equal Opportunity Employer</h2>All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.<div style="display: none;"><video id="localVideo" class="iCIMS_FrameMedia" width="300" height="150"></video><video id="localVideo1" class="iCIMS_FrameMedia" width="300" height="150"></video></div> <h3 class="jdheading">Posting Window</h3> We will accept applications for 3 full days following the Original Posting Date, after which the posting may remain open or be removed based upon applications received. If we choose to post the job again, we will accept additional applications for at least 1 full day following the Most Recently Posted Date. Please submit applications in a timely manner as there is no guarantee the posting will be available beyond the applicable deadline. <h4 class="jdheading">Original Posting Date</h4> 5/28/2026 <h4 class="jdheading">Most Recently Posted Date</h4> 5/28/2026 AI Usage Posting Verbiage Principal uses artificial intelligence tools to assist in reviewing and evaluating job applications, fraud prevention, and candidate matching and comparisons. These AI tools support our human recruiters in the initial review process but do not make final hiring decisions without human involvement. By submitting your application, you acknowledge this use of AI in our recruitment process. Please review our <a href="https://secure02.principal.com/publicvsupply/GetFile?fm=WW962&ty=VOP" target="_blank" title="https://secure02.principal.com/publicvsupply/GetFile?fm=WW962&ty=VOP" class="x_x_OWAAutoLink" data-auth="NotApplicable" data-linkindex="1" rel="noopener">Workforce (U.S.) Privacy Notice</a> for more details on our practices and your data privacy rights. LinkedIn Remote Hashtag #LI-Remote LinkedIn Hashtag #LI-EW1

Back to blog

DISCLAIMER

Business Info Security Officer

Other Jobs To Apply