Information Security Business Partner

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you’ll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS.

This role is hybrid (3 days in the office and 2 days working from home). Candidates should be local to Chicago.

The Information Security Business Partner (ISBP) will serve as thecritical link between ZS’s client-facing business teams and both ZS’s and client’s Information Security organizations, driving alignment of client, business, and regulatory security requirements. This role is ideal for a dynamic professional withdeepinformation security experience in a multinational or consulting environment,with any client facing experience,who enjoys collaborating with diverse stakeholders to deliver secure business solutions and measurable cybersecurity outcomes.The candidate should haveclientfacingInformationSecurity experience.

Whatyou’lldo:

• Business Unit SecurityRisk Assessment:Conduct periodic security risk reviews for business units or projects,facilitaterisk sessions, and deliver tailored reporting.
• Security Requirements Mapping:Advise business teams in translating client regulatory and contractual security requirementsinto actionable controls, policies, and technical processes.
• Liaison for Client CISO/InfoSec Needs:Act as primary contact to coordinate security requests, assessments, audits, and due diligence with client CISOs and InfoSec teams.
• Policy & Standard Guidance:Interpret internal/external security policies, support alignment with business practices, and provide guidanceon exceptions and clarifications.
• Incident & Business Impact Coordination:Support response and escalation for security incidents, including impact analysis for affected business units.
• Security Maturity & Compliance Reporting:Prepare and communicate security KPIs and maturity dashboards;facilitatereportingon progress against security programobjectives.

Additional Responsibilities

• Build andmaintainstrong working relationships across Business, IT, and Information Security functions,representingclient and business priorities within security programs.
• Working with executive teams – CISOs, CDLs, CIOs & proficient in translatingsecurity language into business language.
• Strong relationships with Privacy & Legal teams.Strong presentation skills and able todeliver forexecutive level presentations.
• Participate in the planning and execution of account-level Information Security initiatives, supporting compliance, audit, and regulatory requirements.
• Drive security capability improvement, including architecture/design, awareness, and readiness activities.
• Contribute to cyber resilience and incident response planning as applicable.
• Share practical knowledge of relevant cybersecurity policies, frameworks, and regulatory environments, especially thoseimpactinghealthcare or pharma sectors.
• Provide periodic updates to leadership and stakeholders on security posture, status, and roadmap progress.

Whatyou’llbring:

• Bachelor’s degree in computer science, Information Security, or related field.
• 7-10years of experience delivering security consulting, risk assessments, or business information security functions in large organizations.
• Provenexpertisein risk management, security frameworks (NIST, ISO 27001, CIS, COBIT), and interpreting regulatory requirements.
• Strong verbal/written communication skills, with the ability to translate technical concepts for business audiences and coordinate with client stakeholders.
• Demonstrated experience building consensus among cross-functional teams.
• Commitment tohigh standardsof ethics, regulatory compliance, and customer service.
• Experience within multinational, consulting, or healthcare/pharma organizations.
• Practical understanding of security controls in cloud platforms and distributed environments.
• Professional security certifications (CISSP, CISA, CISM, CRISC, Security+).
• Familiarity with endpoint, network, and application security architectures.
• Hands-on experience with project management or leading small teams.
• Fluency in English
• Client-first mentality
• Intense work ethic
• Collaborative spirit and problem-solving approach

Howyou’llgrow:

• Cross-functional skills development & custom learning pathways
• Milestone training programs aligned to career progression opportunities
• Internal mobility paths that empower growth via s-curves, individual contribution and role expansions

Hybrid working model:

ZS is committed to aFlexible and Connectedway of working.ZSersareonsiteat clients or ZS offices three days a week. Combined flexibility to work remotely two days a week is also available.The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Perks & Benefits:

ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personalgrowthand professional development. Our robust skills development programs, multiple career progression options andinternal mobility paths, andcollaborative cultureempoweryou to thrive as an individual and global team member.

We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home andonsitepresence at clients/ZS offices forthe majority ofour week.The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.

Travel:

Travel is a requirement at ZS forclient-facingZSers; thebusiness needs of your project and client are the priority. While some projects may be local, all client-facingZSersshould be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.