Information Security Business Partner

ZS is a place where passion changes lives. As a management consulting and technology firm focused on improving life and how we live it, we transform ideas into impact by bringing together data, science, technology and human ingenuity to deliver better outcomes for all. Here you'll work side-by-side with a powerful collective of thinkers and experts shaping life-changing solutions for patients, caregivers and consumers, worldwide. ZSers drive impact by bringing a client-first mentality to each and every engagement. We partner collaboratively with our clients to develop custom solutions and technology products that create value and deliver company results across critical areas of their business. Bring your curiosity for learning, bold ideas, courage and passion to drive life-changing impact to ZS.
This role is hybrid (3 days in the office and 2 days working from home). Candidates should be local to Chicago.
The Information Security Business Partner (ISBP) will serve as the critical link between ZS's client-facing business teams and both ZS's and client's Information Security organizations, driving alignment of client, business, and regulatory security requirements . This role is ideal for a dynamic professional with deep information security experience in a multinational or consulting environment, with any client facing experience, who enjoys collaborating with diverse stakeholders to deliver secure business solutions and measurable cybersecurity outcomes. The candidate should have client faci ng Inf ormation Security e xperience.
What you'll do:

• Business Unit Security Risk Assessment: Conduct periodic security risk reviews for business units or projects, facilitate risk sessions, and deliver tailored reporting.

• Security Requirements Mapping: Advise business teams in translating client regulatory and contractual security requirements into actionable controls, policies, and technical processes.

• Liaison for Client CISO/InfoSec Needs: Act as primary contact to coordinate security requests, assessments, audits, and due diligence with client CISOs and InfoSec teams.

• Policy & Standard Guidance: Interpret internal/external security policies, support alignment with business practices, and provide guidance on exceptions and clarifications.

• Incident & Business Impact Coordination: Support response and escalation for security incidents, including impact analysis for affected business units.

• Security Maturity & Compliance Reporting: Prepare and communicate security KPIs and maturity dashboards; facilitate reporting on progress against security program objectives .

Additional Responsibilities

• Build and maintain strong working relationships across Business, IT, and Information Security functions, representing client and business priorities within security programs.

• Working with executive teams - CISOs, CDLs, CIOs & proficient in translating security language into business language.

• Strong relationships with Privacy & Legal teams. Strong presentation skills and able to deliver for executive level presentations.

• Participate in the planning and execution of account-level Information Security initiatives, supporting compliance, audit, and regulatory requirements.

• Drive security capability improvement, including architecture/design, awareness, and readiness activities.

• Contribute to cyber resilience and incident response planning as applicable.

• Share practical knowledge of relevant cybersecurity policies, frameworks, and regulatory environments, especially those impacting healthcare or pharma sectors.

• Provide periodic updates to leadership and stakeholders on security posture, status, and roadmap progress.

What you'll bring:

• Bachelor's degree in computer science, Information Security, or related field.

• 7-10 years of experience delivering security consulting, risk assessments, or business information security functions in large organizations.

• Proven expertise in risk management, security frameworks (NIST, ISO 27001, CIS, COBIT), and interpreting regulatory requirements.

• Strong verbal/written communication skills, with the ability to translate technical concepts for business audiences and coordinate with client stakeholders.

• Demonstrated experience building consensus among cross-functional teams.

• Commitment to high standards of ethics, regulatory compliance, and customer service.

• Experience within multinational, consulting, or healthcare/pharma organizations.
• Practical understanding of security controls in cloud platforms and distributed environments.

• Professional security certifications (CISSP, CISA, CISM, CRISC, Security+).
• Familiarity with endpoint, network, and application security architectures.
• Hands-on experience with project management or leading small teams.
• Fluency in English
• Client-first mentality
• Intense work ethic
• Collaborative spirit and problem-solving approach

How you'll grow:

• Cross-functional skills development & custom learning pathways

• Milestone training programs aligned to career progression opportunities

• Internal mobility paths that empower growth via s-curves, individual contribution and role expansions

Hybrid working model:
ZS is committed to a Flexible and Connected way of working. ZSers are onsite at clients or ZS offices three days a week. Combined flexibility to work remotely two days a week is also available. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Perks & Benefits:
ZS offers a comprehensive total rewards package including health and well-being, financial planning, annual leave, personal growth and professional development. Our robust skills development programs, multiple career progression options and internal mobility paths, and collaborative culture empower you to thrive as an individual and global team member.
We are committed to giving our employees a flexible and connected way of working. A flexible and connected ZS allows us to combine work from home and onsite presence at clients/ZS offices for the majority of our week. The magic of ZS culture and innovation thrives in both planned and spontaneous face-to-face connections.
Travel:
Travel is a requirement at ZS for client-facing ZSers ; the business needs of your project and client are the priority. While some projects may be local, all client-facing ZSers should be prepared to travel as needed. Travel provides opportunities to strengthen client relationships, gain diverse experiences, and enhance professional growth by working in different environments and cultures.
Considering applying?
At ZS, we honor the visible and invisible elements of our identities, personal experiences and belief systems- the ones that comprise us as individuals, shape who we are, and make us unique. We believe your personal interests, identities and desire to learn are integral to your success here. We are committed to building a team that reflects a broad variety of backgrounds, perspectives and experiences. Learn more about our inclusion and belonging efforts and the networks ZS supports to assist our ZSers in cultivating community spaces and obtaining the resources they need to thrive. If you're eager to grow, contribute and bring your unique self to our work, we encourage you to apply.
ZS is an equal opportunity employer and is committed to providing equal employment and advancement opportunities without regard to any class protected by applicable law.
To c omplete y our a pplication:
Candidates must possess or be able to obtain work authorization for their intended country of employment. An online application, including a full set of transcripts (official or unofficial), is required to be considered.
NO AGENCY CALLS, PLEASE.
Find Out More At:
www.zs.com
#LI-SR4
Salary: $170,000.00 - $182,000.00