South Dakota Veteran Jobs

South Dakota Department of Labor & Regulation

Job Information

Black & Veatch Cyber Risk & Compliance Manager in Pierre, South Dakota

Cyber Risk & Compliance Manager

We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients.

Company : Black & Veatch Corporation

Req Id : 36922

Job Title : Cyber Risk & Compliance Manager

Location : USVRTL

Business Unit Sector : COR-CORP-CIO

Opportunity Type : Staff

Relocation eligible : No

Full time/Part time : Full-Time

Project Only Hire : No

Visa Sponsorship Available: No

Job Summary

The Cyber Risk & Compliance Manager, under the direction of the CISO, will be responsible for establishing and maintaining the Governance, Risk and Compliance; and Privacy Program. In this role, the Compliance Manager will develop Policies, Standards, Security baselines, Risk framework & treatment strategy, maintenance of compliance framework, Privacy policies and procedures, as well as build & measure KRI & KPI metrics for compliance. Additionally, the Compliance Manager will execute the planning and performance of risk assessments, while working directly with the technical and business stakeholders to identify appropriate risk factors, assess the adequacy of existing controls, and assist and drive remediation of control weaknesses to ensure compliance requirements are maintained.

Key Responsibilities

  • Develop GRC framework and processes to track and manage information and cyber risk to ensure compliance while enabling the business for digital transformation

  • Develop and maintain well-written documentation and timely updates of policies, standards, procedures, processes, risks, exceptions, issues & action plan

  • Collaborate with IT and business stakeholders, and architects, to understand the business direction and consequent impact on the security posture and risk appetite

  • Ensure the GRC processes are sustainable and properly documented

  • Partner with stakeholders to build current and relevant team knowledge related to governance, risk and compliance programs and practices

  • Monitor Security Operations Center reports, vulnerability reports, audit reports, and regulatory changes to identify and initiate risk prioritization and remediation

  • Partner with security service providers to drive improvements in the security posture

  • Continuously monitor and evaluate the environment, including third party risk, through self-assessments and independent security reviews

  • Monitor activities of IT systems and applications to ensure compliance with internal policies and procedures including monthly, quarterly and annual risk reviews

  • Develop and maintain security & compliance dashboard by providing visibility, operating effectiveness of controls, process stability, remediation status and action plan

  • Partner with CIO office, business and legal teams, to develop a roadmap for Privacy program designed to evaluate Privacy risk and remediation

  • Partner cross-functionally with stakeholders in Business units, Marketing, IT, HR, Finance, Legal, and Internal audit to drive awareness of GRC and Privacy requirements

  • Implement Privacy policies and controls and oversee ongoing compliance of incoming/outgoing privacy requests, including working across process owners to manage consumer-specific privacy requests

  • Manage and lead security awareness training, phishing campaigns and education efforts on privacy and data security policies

  • Perform other duties as assigned

Management Responsibilities

Individual Contributor

Preferred Qualifications

  • Experience in Cyber Defense, Vulnerability management, IAM and Security Architecture

  • Highly motivated individual with the ability to self-start, prioritize, multi-task, and has a "can-do" attitude

  • Knowledge of current threats and regulatory best practices in cyber security and OT security

  • Available to participate in on-call duties and provide after-hours support as needed

  • Ability to communicate and work effectively with others, harness different skills and experience, and build a strong sense of team spirit

  • Action and results-oriented with the ability to overcome obstacles, able to work well under deadlines in a changing environment

  • Ability to adjust quickly to shifting priorities, and decision-making skills with limited information

  • Excellent verbal communication and interpersonal skills to document and communicate findings, and to escalate critical findings to stakeholders

Minimum Qualifications

Education: Bachelor’s degree in information security or Computer Science or related field

Experience: Minimum 10 years of overall experience in Cyber Security, IT, Risk Assessments, Privacy

  • Must have 5 years of experience in Governance, Risk and Compliance; and Privacy

  • At least one certification such as CISSP, CISM, CISA, CRISC, CIPP

  • Demonstrated experience applying security and risk frameworks, regulations and privacy such as NIST CSF/800-53/800-171, NERC CIP, CIS, CMMC, SOC2, GDPR, etc.

  • Experience in developing security policies and standards, risk assessments, third party risk programs, risk management, risk registries, regulatory compliance, security awareness training and testing, security metrics, privacy, and other relevant GRC areas

  • Knowledge of key U.S. and international privacy laws and regulations, including GDPR, CASL, CCPA and willingness to learn and stay updated on privacy requirements

Certifications

Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications.

Work Environment/Physical Demands

Typical office environment.

Competencies

Action oriented

Communicates effectively

Collaborates

Salary Plan

ITS: Information Technology Service

Job Grade

006

Black & Veatch endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at (913) 458-2147. This contact information is for disability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.

Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.

Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.

To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.

A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program.

We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.

By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

Black & Veatch Holding Company, its subsidiaries and its affiliated companies, comply with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender identity and expression, disability, veteran status, pregnancy status or other status protected by law.

For our EEO Policy Statement, please click. If you’d like more information on your EEO rights under the law, please clickand.

Notice to External Search Firms: Black & Veatch partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Black & Veatch will not be obligated to pay a placement fee. If interested in learning more, please visitand register with our referral code: bv123. Once registered, Black & Veatch will have access to your contact information should we choose to engage your agency for future hiring needs.
