Black & Veatch Cyber Risk & Compliance Manager in Pierre, South Dakota
Cyber Risk & Compliance Manager
We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients.
Company : Black & Veatch Corporation
Req Id : 36922
Job Title : Cyber Risk & Compliance Manager
Location : USVRTL
Business Unit Sector : COR-CORP-CIO
Opportunity Type : Staff
Relocation eligible : No
Full time/Part time : Full-Time
Project Only Hire : No
Visa Sponsorship Available: No
The Cyber Risk & Compliance Manager, under the direction of the CISO, will be responsible for establishing and maintaining the Governance, Risk and Compliance; and Privacy Program. In this role, the Compliance Manager will develop Policies, Standards, Security baselines, Risk framework & treatment strategy, maintenance of compliance framework, Privacy policies and procedures, as well as build & measure KRI & KPI metrics for compliance. Additionally, the Compliance Manager will execute the planning and performance of risk assessments, while working directly with the technical and business stakeholders to identify appropriate risk factors, assess the adequacy of existing controls, and assist and drive remediation of control weaknesses to ensure compliance requirements are maintained.
Develop GRC framework and processes to track and manage information and cyber risk to ensure compliance while enabling the business for digital transformation
Develop and maintain well-written documentation and timely updates of policies, standards, procedures, processes, risks, exceptions, issues & action plan
Collaborate with IT and business stakeholders, and architects, to understand the business direction and consequent impact on the security posture and risk appetite
Ensure the GRC processes are sustainable and properly documented
Partner with stakeholders to build current and relevant team knowledge related to governance, risk and compliance programs and practices
Monitor Security Operations Center reports, vulnerability reports, audit reports, and regulatory changes to identify and initiate risk prioritization and remediation
Partner with security service providers to drive improvements in the security posture
Continuously monitor and evaluate the environment, including third party risk, through self-assessments and independent security reviews
Monitor activities of IT systems and applications to ensure compliance with internal policies and procedures including monthly, quarterly and annual risk reviews
Develop and maintain security & compliance dashboard by providing visibility, operating effectiveness of controls, process stability, remediation status and action plan
Partner with CIO office, business and legal teams, to develop a roadmap for Privacy program designed to evaluate Privacy risk and remediation
Partner cross-functionally with stakeholders in Business units, Marketing, IT, HR, Finance, Legal, and Internal audit to drive awareness of GRC and Privacy requirements
Implement Privacy policies and controls and oversee ongoing compliance of incoming/outgoing privacy requests, including working across process owners to manage consumer-specific privacy requests
Manage and lead security awareness training, phishing campaigns and education efforts on privacy and data security policies
Perform other duties as assigned
Experience in Cyber Defense, Vulnerability management, IAM and Security Architecture
Highly motivated individual with the ability to self-start, prioritize, multi-task, and has a "can-do" attitude
Knowledge of current threats and regulatory best practices in Cyber Security and OT security
Available to participate in on-call duties and provide after-hours support as needed
Ability to communicate and work effectively with others, harness different skills and experience, and build a strong sense of team spirit
Action and results-oriented with the ability to overcome obstacles, able to work well under deadlines in a changing environment
Ability to adjust quickly to shifting priorities, and decision-making skills with limited information
Excellent verbal communication, and interpersonal skills to document and communicate findings, escalate critical findings to stakeholders
Education: Bachelor’s degree in information security or Computer Science or related field
Experience: Minimum 10 years of overall experience in Cyber Security, IT, Risk Assessments, Privacy
Must have 5 years of experience in Governance, Risk and Compliance; and Privacy
At least one certification such as CISSP, CISM, CISA, CRISC, CIPP
Demonstrated experience applying security and risk frameworks, regulations and privacy such as NIST CSF/800-53/800-171, NERC CIP, CIS, CMMC, SOC2, GDPR, etc.
Experience in developing security policies and standards, risk assessments, third party risk programs, risk management, risk registries, regulatory compliance, security awareness training and testing, security metrics, privacy, and other relevant GRC areas
Knowledge of key U.S. and international privacy laws and regulations, including GDPR, CASL, CCPA and willingness to learn and stay updated on privacy requirements
Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications.
Work Environment/Physical Demands
Typical office environment.
ITS: Information Technology Service
Black & Veatch endeavors to make accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at (913) 458-2147. This contact information is for disability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.
Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.
Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.
To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.
A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program.
We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.
By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.
Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender identity and expression, disability, veteran status, pregnancy status or other status protected by law.
Notice to External Search Firms: Black & Veatch partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Black & Veatch will not be obligated to pay a placement fee. If interested in learning more, please visit and register with our referral code: bv123. Once registered, Black & Veatch will have access to your contact information should we choose to engage your agency for future hiring needs.