Director of Security Compliance - Industrial Cybersecurity Consulting - 1898 & Co. (Multiple Lo[...]
Company: Burns & McDonnell
Location: Washington
Posted on: April 30, 2024
Job Description:
Director of Security Compliance - Industrial Cybersecurity
Consulting - 1898 & Co. (Multiple Locations) Washington, District
of Columbia
- Job: Consulting
- Primary Location: Washington, DC
- Schedule: Full-time
- Travel: Yes, 25% of the Time

Description
1898 & Co. is looking
for its next leader within the Security & Risk Consulting group
focused on helping our clients secure their operational technology
and assets. The Director of Security Compliance within the
Industrial Cybersecurity Consulting group will lead the group of
Governance and Compliance Consultants that provide consulting
service offerings from 1898 & Co.'s Security & Risk Consulting
group, reporting to the Security & Risk, Consulting Business Line
Leader.

1898 & Co. is a global business, technology and security
consultancy serving critical infrastructure industries. We partner
with clients to plan, secure, and optimize their business. As part
of Burns & McDonnell and our 120 years of industry experience, we
understand the complexity of the asset-intensive business model,
the trends impacting the industry, and the need to ground big ideas
in operational realities.

We have a group specifically focused on
industrial cybersecurity. When it comes to industrial
cybersecurity, critical infrastructure industries face
unprecedented challenges. The risk of cyber sabotage is on the
rise. And evolving technologies create complexities that are
increasingly difficult to manage. Our team is among the small pool
of professionals who can operate at the intersection of critical
infrastructure and cybersecurity.

We're looking for someone ready to
take the lead of the Security Compliance team with an
entrepreneurial spirit and to implement our core values into their
work. 1898 & Co. has the feel of a start-up, with the support of
Burns & McDonnell's vast resources. It's what makes us unselfish
collaborators. We proactively walk the talk to create bigger
opportunities through sharing, communicating, and candidness. We
are energy-givers who maintain a broader view of success,
prioritizing others' needs and goals in addition to our own.

1898 & Co.'s Business Lines facilitate a strategic approach to selling
services, developing staff, and maintaining client relationships.
The Director of Security Compliance's primary responsibility is to
help lead the Security Compliance Delivery team to meet the
near-term goals and long-term vision for the Business Line that
supports the growth of 1898 & Co. The Director of Security
Compliance displays grit in their leadership role and the work they
deliver. They are confident and willing to take it to the next
level.

The Director of Security Compliance will be required to lead
a team of Governance and Compliance consultants that work with
numerous entities within a variety of industries, including energy,
utilities, manufacturing, and government.

What You'll Do:
As a
Director of Security Compliance, you will be responsible for and
manage the Security Compliance group within the Business Line of
Industrial Cybersecurity Consulting service offerings. You'll work
with the Consulting Business Line Leader to support overall
business planning, while being responsible for the Security
Compliance group's Profit and Loss. You'll lead the group of
Security Compliance Consultants responsible for project execution,
and team leadership. Key responsibilities will include:
- Support the Consulting Business Line to help create, develop, manage,
and communicate the strategic direction of the Consulting Business
Line. In collaboration with the Business Line Leader, you'll help
set financial targets for the Security Compliance team, such as
sales, revenue, profitability, and chargeability, as well as
budgets for overhead expenses, such as marketing trips,
conferences, software, certifications, etc. You'll help prepare and
manage a business plan for the strategic growth of the Consulting
Business Line, including expansion of current and new service
offerings, marketing activities, client retention and acquisition,
and staff growth plan.
- Support a team of Governance and Compliance consultants to
facilitate timely, quality, and profitable execution of projects
within the Business Line and serve as quality control leader for
deliverables. You're accountable for key financial performance
metrics within the Business Line and the execution of projects.
- Serve as an Offering Leader on all aspects of project execution,
including scope, schedule, and budget, and ensure quality control of
deliverables. You'll analyze and communicate project status, risks,
schedule, and costs to all internal and external stakeholders.
You'll lead multi-discipline teams of engineers and analysts. Your
communication and planning skills are vital to keeping everyone on
the same page with personnel needs to department management.
- Mentor, train, and support the career development of Security
Compliance consultants within the business line.

Specific responsibilities include:
- Overall management of
Security Compliance Consulting Team
- Develop and lead a global Security Compliance Strategy supporting
the successful delivery of security outcomes across Security Risk &
Consulting Delivery.
- Serve as the Business Owner of Security Compliance processes, tools
and governance, including documentation of all processes (sales
engagement and delivery), the training of Governance and Compliance
team and assessment of new processes and tools when required.
- Create a repository for all delivery documentation; keeping the
repository updated
- Align Security Compliance team with 1898 CX Principals
- Review utilization and assignment of projects - ensuring proper
utilization for team members
- Monitor and proactively address project risks
- Manage Governance and Compliance projects for industrial control
systems (ICS), ensuring timely, on budget completion and adherence
to established methodologies and guidelines.
- Advise on the pursuit and proposal process for client engagements,
contributing technical expertise to craft compelling proposals that
showcase value of our Security Compliance Offerings.
- Lead the estimation and resource allocation process for Governance
and Compliance engagements, providing insights into project
requirements, complexities, and potential challenges, ensuring
efficient project planning and execution.
- Achieve client-specific cybersecurity goals by identifying
compliance variances in our critical infrastructure clients and
recommending appropriate remediation measures.
- Develop comprehensive Governance and Compliance reports that clearly
outline findings, risks, and recommendations for improving the
security posture of industrial control systems.
- Advise clients on best practices for securing their industrial
networks and control systems, including network segmentation,
authentication, and encryption.
- Assign tasks and responsibilities to junior Governance and
Compliance Consultants, providing guidance and mentorship to develop
their skills and expertise in ICS security.
- Decide on the scope and objectives of Governance and Compliance
work, based on client requirements and industry-specific regulations
and standards.
- Oversee the continuous improvement of internal processes and
procedures, promoting a culture of excellence and innovation within
the Security Compliance Team.
- Approve and review Governance and Compliance methodologies and
tools, ensuring their suitability
for assessing the security posture of various ICS architectures and
technologies.
- Think "outside the box" to develop specialized techniques to gather,
evaluate and present compliance information to clients that goes
beyond the typical "check box" exercises of compliance.
- Initiate client communication, establishing a collaborative
relationship and maintaining transparency throughout the delivery
process.
- Perform and manage performance of compliance maturity reviews based
on existing frameworks, including, but not limited to: NERC CIP,
TSA, CMMC, AWIA, ISO27001, NIST CSF, NIST 800-171, and formulate a
program to close the gaps.
- Delegate responsibilities to team members, ensuring a balanced
workload and optimal use of resources during engagements.
- Determine training needs for the team and participate in developing
ICS cybersecurity training materials and programs, by level, by role
and by specific consultant.
- Supervise the assessment of emerging cybersecurity governance and
compliance standards specific to our critical infrastructure
clients, incorporating this knowledge into methodologies,
strategies, offerings and training of consultants testing.
- Monitor and ensure CSAT responses on Security Compliance Projects
and ensure all engagements are at or above satisfactory for all
projects
- Enforce strict adherence to legal and ethical guidelines during
Security Compliance engagements, ensuring that all activities comply
with applicable laws, regulations, and industry standards.
- Collaborate with other cybersecurity professionals, staying current
on industry trends and advancements in ICS security, and
contributing to the broader knowledge base of the organization.
- Conduct quarterly reviews and provide feedback to Security
Compliance team members on progress
- Develop and maintain relationships with internal clients (Offering
Leaders) to ensure escalation paths are clearly defined
- Develop, manage, and update all Security Compliance sales
documentation - required for sales, internal training, internal
reference, website content, etc.
- Other duties as assigned

Qualifications
- Bachelor's degree in Computer
Science, Cybersecurity, Electrical Engineering, or a related field
from an accredited program is required.
- Applicable years of experience may be substituted for the degree
requirement.
- Minimum 13 years of professional experience required. 10 years of
experience in cybersecurity, with at least 5 years specifically in
Governance, Risk and Compliance is preferred.
- 5 years Consulting Management experience is preferred
- Industry-recognized certifications to be considered, such as: CRISC;
CISM (CISSP); Cobit; SABSA Foundation; ISO27001 (ISMS); IEC52443;
ITIL / ISO20000; Compliance Officer (IT, ICS); BCM (ISO22301); Agile
Foundation
- Proven leadership experience.
- Excellent analytical, problem-solving, and communication skills.
- Ability to work independently and collaboratively within a team
environment.
- Strong attention to detail, facilitation, team building, and
collaboration skills

EEO/Minorities/Females/Disabled/Veterans

1898 & Co. is a
business, technology and security solutions consultancy where
experience and foresight come together to unlock lasting
advancements. We innovate today to fuel your future growth,
catalyzing insights that drive smarter decisions, improve
performance and maximize value. As part of Burns & McDonnell, we
draw on more than 120 years of deep and broad experience in complex
industries as we envision and enable the future for our
clients.