Business Services & Consulting • Cary, NC 27511
Together, we own our company, our future, and our shared success. As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.
The Opportunity We are seeking an experienced Data Security Operations Lead to spearhead our organization's data security initiatives. This critical role will drive the development, implementation, and management of a comprehensive data security program, ensuring the protection of sensitive data across cloud, SaaS, and on-premises environments. The ideal candidate will have a deep understanding of modern data security challenges, including those driven by AI and cloud adoption, and will lead efforts to enhance visibility, mitigate risks, and ensure compliance.
The Team Black & Veatch's Business Enablement consists of critical groups that help enable the organizations people, projects, and businesses to be as successful as possible. Functions in this group include Digital & Information Technology, Global Finance, Global Human Resources, Legal, Risk Management, and Government Affairs and Real Estate and Building Services.
Key Responsibilities Oversee the continuous identification and mapping of all data assets across diverse environments, including cloud (IaaS, PaaS, SaaS), databases, and on-premises systems.Utilize available tools to discover data stores and maintain a real-time inventory of sensitive data, ensuring no blind spots in the data landscape.Collaborate with IT and business units to understand data flows and ensure comprehensive visibility into where critical data resides.Maintain and support a robust Data Security Posture Management (DSPM) framework to continuously assess and improve the organization's data security posture.
Identify and prioritize risks, such as misconfigurations, excessive permissions, or plaintext data storage, and provide actionable remediation recommendations.Monitor data stores for vulnerabilities and ensure proactive measures to reduce the attack surface across all environments.Develop and enforce Data Loss Prevention (DLP) policies to prevent unauthorized access, exfiltration, or misuse of sensitive data.Implement and manage real-time monitoring and controls to detect and block sensitive data from leaving secure environments and minimize false positives.Identify compromised instances, insider risk, or misconfigurations, providing context-rich insights for rapid incident response.
Lead the development of a proactive Data Detection & Response (DDR) strategy to detect and respond to data security incidents in real-time.Coordinate with incident response teams to mitigate risk and ensure operational resilience.Ensure the data security program aligns with industry regulations (e.g.: GDPR, CCPA, GLBA) and internal privacy policies.Provide actionable insights to stakeholders to maintain regulatory compliance without disrupting business operations.Implement controls to ensure sensitive data is only accessible to authorized AI systems, reducing risk associated with AI-driven data sprawl.
Align data security initiatives with business objectives through coordination and cooperation.Communicate effectively with leadership, providing clear, data driven insights into the organization's security posture and improvement strategies.Foster a culture of continuous learning, ensuring the program adapts to evolving risks and technological advancements.
Management Responsibilities Individual Contributor Minimum Qualifications Bachelor's degree in computer science, Cybersecurity, Information systems or related field or equivalent experience. 10+ years in Cybersecurity with at least 3 years in a leadership role focused on data security or DSPM.Proven experience in designing and implementing data security programs.Hands-on experience with data discovery, classification, DLP, and access governance tools.
All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.
Preferred Qualifications Education: Bachelor's degree in computer science, Cybersecurity, Information systems or related field or equivalent experience.Certifications (e.g.: CISSP, CISM, CISA) are preferred.Experience: 7+ years in Cybersecurity with at least 3 years in a leadership role focused on data security or DSPM.Proven experience in designing and implementing data security programs.Hands-on experience with data discovery, classification, DLP, and access governance tools.Skills Experience in modern data security frameworks, including DSPM, DLP, and DDR.Strong ability to improvise to solve complex problems.
Strong communication skills with both technical and executive audiences.Ability to translate technical risks into business impacts for executive stakeholders.Excellent project management, time management, and organizational skills Certifications Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications.
Work Environment/Physical Demands Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance and work assignments. Salary Plan ITS: Information Technology Service Job Grade 017
Together, we own our company, our future, and our shared success. As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.
The Opportunity We are seeking an experienced Data Security Operations Lead to spearhead our organization's data security initiatives. This critical role will drive the development, implementation, and management of a comprehensive data security program, ensuring the protection of sensitive data across cloud, SaaS, and on-premises environments. The ideal candidate will have a deep understanding of modern data security challenges, including those driven by AI and cloud adoption, and will lead efforts to enhance visibility, mitigate risks, and ensure compliance.
The Team Black & Veatch's Business Enablement consists of critical groups that help enable the organizations people, projects, and businesses to be as successful as possible. Functions in this group include Digital & Information Technology, Global Finance, Global Human Resources, Legal, Risk Management, and Government Affairs and Real Estate and Building Services.
Key Responsibilities Oversee the continuous identification and mapping of all data assets across diverse environments, including cloud (IaaS, PaaS, SaaS), databases, and on-premises systems.Utilize available tools to discover data stores and maintain a real-time inventory of sensitive data, ensuring no blind spots in the data landscape.Collaborate with IT and business units to understand data flows and ensure comprehensive visibility into where critical data resides.Maintain and support a robust Data Security Posture Management (DSPM) framework to continuously assess and improve the organization's data security posture.
Identify and prioritize risks, such as misconfigurations, excessive permissions, or plaintext data storage, and provide actionable remediation recommendations.Monitor data stores for vulnerabilities and ensure proactive measures to reduce the attack surface across all environments.Develop and enforce Data Loss Prevention (DLP) policies to prevent unauthorized access, exfiltration, or misuse of sensitive data.Implement and manage real-time monitoring and controls to detect and block sensitive data from leaving secure environments and minimize false positives.Identify compromised instances, insider risk, or misconfigurations, providing context-rich insights for rapid incident response.
Lead the development of a proactive Data Detection & Response (DDR) strategy to detect and respond to data security incidents in real-time.Coordinate with incident response teams to mitigate risk and ensure operational resilience.Ensure the data security program aligns with industry regulations (e.g.: GDPR, CCPA, GLBA) and internal privacy policies.Provide actionable insights to stakeholders to maintain regulatory compliance without disrupting business operations.Implement controls to ensure sensitive data is only accessible to authorized AI systems, reducing risk associated with AI-driven data sprawl.
Align data security initiatives with business objectives through coordination and cooperation.Communicate effectively with leadership, providing clear, data driven insights into the organization's security posture and improvement strategies.Foster a culture of continuous learning, ensuring the program adapts to evolving risks and technological advancements.
Management Responsibilities Individual Contributor Minimum Qualifications Bachelor's degree in computer science, Cybersecurity, Information systems or related field or equivalent experience. 10+ years in Cybersecurity with at least 3 years in a leadership role focused on data security or DSPM.Proven experience in designing and implementing data security programs.Hands-on experience with data discovery, classification, DLP, and access governance tools.
All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.
Preferred Qualifications Education: Bachelor's degree in computer science, Cybersecurity, Information systems or related field or equivalent experience.Certifications (e.g.: CISSP, CISM, CISA) are preferred.Experience: 7+ years in Cybersecurity with at least 3 years in a leadership role focused on data security or DSPM.Proven experience in designing and implementing data security programs.Hands-on experience with data discovery, classification, DLP, and access governance tools.Skills Experience in modern data security frameworks, including DSPM, DLP, and DDR.Strong ability to improvise to solve complex problems.
Strong communication skills with both technical and executive audiences.Ability to translate technical risks into business impacts for executive stakeholders.Excellent project management, time management, and organizational skills Certifications Must hold at least 1 certification such as CISSP, CISM, CISA, CRISC, CIPP or similar privacy certifications.
Work Environment/Physical Demands Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance and work assignments. Salary Plan ITS: Information Technology Service Job Grade 017
