Black & Veatch Chief Information Security Officer in Indianapolis, Indiana
Chief Information Security Officer
We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients.
Company : Black & Veatch Corporation
Req Id : 27950
Job Title : Chief Information Security Officer
Location : USVRTL
Business Unit Sector : COR-CORP-CIO
Opportunity Type : Staff
Relocation eligible : No
Full time/Part time : Full-Time
Project Only Hire : No
Visa Sponsorship Available: No
Senior director level leader responsible for maintaining and advancing the corporate-wide, global information risk and security management program and organization. Reporting to the CIO, the Global Chief Information Security Officer (CISO) partners with all functional leadership to direct the strategic vision for, and lead the evolution of a shared vision for a “best in class” global information security program to ensure information assets are adequately protected. Responsibilities include identifying, evaluating, protecting against and reporting on information security risks globally in a manner that meets compliance and regulatory requirements, and aligns with and supports the risk posture of the enterprise.
Proactively works with business units to implement techniques that meet defined policies and standards for information security. Oversees a variety of IT –related risk management activities including Information Security, Cyber Security, Data Governance, Data Protection and various Compliance requirements. Serves as the process owner of all ongoing activities related to the availability, integrity and confidentiality of customers, business partners, employees and business information in compliance with the organization’s information security policies.
IT Risk Assessment:
Chair of committee that brings together key security and risk stakeholders to develop and review enterprise security and risk strategies
Directs the strategic vision for and leads the evolution of the Company's global information security program. Ensures completion of company-wide information security strategy and action plans based on risk assessment and gap analysis.
Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balances this with risk assessments.
Understands potential and emerging information security threats, vulnerabilities, and control techniques and ensures communication of this information to appropriate professionals occurs on a timely basis.
Develops and directs technical teams in the investigation and resolution of complex privacy and security problems.
Direct management of IT Information Security Team.
Indirect management of 3rd party information security, disaster recovery, and business continuity teams.
Senior Leadership responsibility within the Office of the CIO
IT / Business Risk Management:
Develops, implements and monitors a strategic, comprehensive enterprise information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
Advise the Executive Committee and Board of Directors on risk issues that are related to information security and recommend actions in support of the company’s wider risk management program, as appropriate.
Management of system technology to support information and security requirements.
Manages project timelines, deliverables and information requests for all functions within IT Security.
Responsible for committee ownership that brings together key security and risk stakeholders to develop and review enterprise security and risk strategies
Works with Legal Counsel and Human Resource counterparts relative to difficult privacy and security issues.
Creates an information security awareness program to customize communication tools and campaigns for the various business units.
IT Standards, Procedures, and Policies Formulation:
Directs the development, publication and maintenance of comprehensive information security standards, policies, procedures and guidelines.
Monitors information security trends and evolving technologies; keeps senior leadership informed about related information security issues and implications for the company.
Sets usage and security policies for information sharing on internal and external platforms.
Ensures the establishment and maintenance of technical computer and network security systems and protocols
Master's degree preferred. Change management certification preferred.
Typically 10 years' related experience. Experience leading an information security system office and applying information security, risk management and privacy practices in the Engineering, Procurement and Construction industry, preferred.
This position requires a visionary leader with strong business acumen and a detailed working knowledge of information security technologies, practices, policies, and their application in a global Engineering, Procurement and Construction market.
The successful candidate must be highly knowledgeable about the Engineering, Procurement and Construction business environment and must ensure that information systems are maintained in a fully functional, secure mode.
The ideal candidate is a thought leader, a consensus builder, and an integrator of people, process and technology. This role is ultimately a business leader and should have a track record of competency in the field of information security with direct experience in a significant leadership role. A demonstrated track record and capability of “Board-level discussion” on the enterprise Risk and Information strategy and position is a must.
Excellent written and verbal communications skills with proven experience presenting to board-level executives and leadership teams with the ability to communicate security and risk-related concepts to technical and non-technical audiences
Experience leading a security practice across global teams based in Europe, Asia, and the United States
Strong demonstrated knowledge of technologies including network, server, desktop, storage, and how security relates to the overall IT environment
Experience with information disaster recovery planning and testing, auditing, risk analysis, business system resumption and contingency planning and data privacy.
Business system continuity planning, auditing and risk management experience as it relates to information security
Extensive experience in strategic planning, budgeting and allocation
Very strong business analysis skills, problem solving techniques, and follow-up
Experience: Minimum of 10 years practical experience designing and implementing enterprise information technology security required.
Education: Bachelor degree in CS or MIS, or equivalent experience required, MBA with emphasis in MIS, or Business administration a strong plus. Security accreditations including CISSP, CISM, and CIPT.
Monitors regulatory compliance with enterprise security policies and educates business leaders on compliance efforts relative to the EPC space.
Writes and assists others in writing various types of policies and procedures in order to maintain proper compliance relative to industry information security and privacy.
IT Continuity Management and Disaster Recovery:
Acts as the primary corporate control point during follow-up on significant information security incidents, oversees development of response plans and provides timely update reporting.
Supports the strategic vision and evolution of a best in class disaster recovery program for critical IT assets.
All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.
Work Environment/Physical Demands
Typical office environment.
ITS: Information Technology Service
Black & Veatch endeavors to makeaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at (913) 458-2147. This contact information is fordisability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.
Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.
Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.
To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.
A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union.
We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.
By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.
Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.
For our EEO Policy Statement, please click. If you’d like more information on your EEO rights under the law, please clickand.
Notice to External Search Firms: Black & Veatch partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Black & Veatch will not be obligated to pay a placement fee. If interested in learning more, please visitand register with our referral code: bv123. Once registered, Black & Veatch will have access to your contact information should we choose to engage your agency for future hiring needs.
Job Segment: Engineer, Construction, Engineering
Black & Veatch
- Black & Veatch Jobs