Black & Veatch Cyber Security Operations Manager in Helena, Montana
Cyber Security Operations Manager
We believe real value is powered by the unique skills and experiences of our professionals. The interchange of ideas from a diverse group of people gives our teams an expanded perspective and the ability to find better solutions for our clients.
Company : Black & Veatch Corporation
Req Id : 36973
Job Title : Cyber Security Operations Manager
Location : USVRTL
Business Unit Sector : COR-CORP-CIO
Opportunity Type : Staff
Relocation eligible : No
Full time/Part time : Full-Time
Project Only Hire : No
Visa Sponsorship Available: No
The Cyber Security Operations Manager, under the direction of CISO, will be responsible to build cyber defense controls and manage security operations to protect Black & Veatch from cyber threats. In this role, the Cyber Security Operations Manager will manage security operations and vulnerability management of infrastructure, platforms and applications. The Cyber Security Operations Manager will work with key IT and Business Unit stakeholders to conduct technical analysis and respond to security issues, as well as threats and incidents, vulnerability assessments and remediation, security investigations, end user protection and third-party security incident investigations.
Manage Cyber Security Operations and Vulnerability Management programs
Develop and maintain documentation on Cyber Security Operations, incident playbook and runbooks, process workflow, incident handling and response capabilities
Develop and maintain documentation Vulnerability assessment, threat modeling and risk remediation processes
Collaborate and partner with IT and business stakeholders, and remediation teams, to respond to security incidents and control remediation
Assist in optimizing cyber security program by implementing Policies, Standards, and Processes
Proactively monitor, analyze and provide guidance on security vulnerabilities and incidents to support remediation activities
Research and provide guidance on Zero-day vulnerabilities and emerging threats
Lead the detection and response activities related to security incidents and vulnerability findings to ensure timely remediation
Conduct root cause analysis and optimize security incidents through process orchestration and automation
Review Security Operations Center reports, threat reports, audit reports, and regulatory changes to identify and initiate risk prioritization and remediation
Manage and partner with security service providers for security tool and process enhancements to improve the security posture
Continuously monitor and evaluate the environment through self-assessments and independent security testing
Develop and report on KRI’s and KPI’s related to vulnerability management and incident management
Conduct Incident Response testing and drive maturity of the incident response and vulnerability programs
Perform other duties as assigned
Experience in Cyber Security Architecture, Cloud Platform Security, Risk Assessment, Network Security, IAM, Data Security and Governance
Action and results-oriented with the ability to overcome obstacles, able to work well under deadlines in a changing environment
Available and participate in on-call duties and provide after-hours support as needed
Ability to adjust quickly to shifting priorities, and decision-making skills with limited information
Highly motivated individual with the ability to self-start, prioritize, multi-task, and has a "can-do" attitude
Knowledge of current threats and best practices in the Cyber Security and OT security
Ability to communicate and work effectively with others, harness different skills and experience, and build a strong sense of team spirit
Excellent verbal communication, and interpersonal skills to document and communicate findings, escalate critical risks to stakeholders
Education: Bachelor’s degree in information security or Computer Science or related field preferred
Experience: Minimum 10 years of experience in Cyber Security, Security Monitoring and Response
Must have 5 years of experience in managing Incident Response and Vulnerability Management
At least one certification such as CISSP, CCSP, GIAC, CEH
Demonstrated experience applying security and risk frameworks, and regulations such as NIST CSF/800-53/800-171, Cyber Kill Chain, MITRE ATT&CK, OWASP, CSA, etc.
Deep technical knowledge and experience in SIEM, threat intelligence platforms, vulnerability assessment tools, Cloud platforms, EDR, Cyber threats and attack vectors, exploitation methods, IOC and TTP’s, Infrastructure and Application security in a distributed environment
Experience in Threat modeling, Threat hunting and intelligence, Incident Response Tabletop exercise, and process automation
Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications.
Work Environment/Physical Demands
Typical office environment.
ITS: Information Technology Service
Black & Veatch endeavors to makeaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at (913) 458-2147. This contact information is fordisability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.
Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.
Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.
To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.
A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program.
We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.
By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.
Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.
For our EEO Policy Statement, please click. If you’d like more information on your EEO rights under the law, please clickand.
Notice to External Search Firms: Black & Veatch partners with BountyJobs for contingency search business through outside firms. Resumes received outside the BountyJobs system will be considered unsolicited and Black & Veatch will not be obligated to pay a placement fee. If interested in learning more, please visitand register with our referral code: bv123. Once registered, Black & Veatch will have access to your contact information should we choose to engage your agency for future hiring needs.