Black & Veatch

Senior GRC Analyst

Black & Veatch  •  Overland Park, KS (Hybrid)  •  1 hour ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Together, we own our company, our future, and our shared success.

As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.

Company : Black & Veatch Corporation

Req Id : 115500

Opportunity Type : Staff

Relocation eligible : No

Full time/Part time : Full-Time

Project Only Hire : No

Visa Sponsorship Available: No

Why Black & Veatch?

Black & Veatch allows you to lend your talent and perspective to humanity’s biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation, 401k match and benefits that start day one.

Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use.

The Sr. Analyst, Governance, Risk, and Compliance (GRC) plays an important role in the GRC delivery framework, ensuring Black & Veatch’s compliance with contractual and regulatory requirements, assessing control design and operation against common standards and frameworks, and assisting with third-party/supply chain risk management. The candidate will also promote a culture of risk awareness across the enterprise among other responsibilities. With an emphasis on cyber, contract and regulatory compliance risk management, the ideal candidate should be able to contribute to measuring success and identifying improvement opportunities and capabilities development in these areas.

This role is ideal for a detail-oriented professional with a passion for cyber and compliance risk management who is comfortable operating independently. Independent and critical thinking is absolutely necessary to be successful in this role as is a desire to drive efficiencies in function delivery and day-to-day tasks.

Key Responsibilities

  • Proven experience reviewing client contract provisions related to data security, breach reporting, cyber resilience, and compliance certifications and measuring compliance in IT and security architecture and operations.
  • Support independent certification and audit by working with D&IT peer groups and lines of business to collect documentation and evidence of security policies and operations
  • Request and review documentation and evidence from control owners to certify and validate compliance to standards and industry-accepted best practice
  • Monitor regulatory and legal landscape at a global scale and across market sectors and maintain awareness of compliance requirements
  • Act as an informed voice in development of policy and ensure alignment with regulatory, legal, and contractual requirements
  • Assist establishment and enforcement of standards of practice documentation to be referenced by architecture and operations teams
  • Contribute process and subject matter expertise in governance forums and cross-functional committees
  • Collaborate with peer D&IT groups to collect KPI’s, KRI’s and drive efficiency through automation and other means
  • Contribute subject matter expertise through third party risk assessment process
  • Identify and communicate risk of vendor engagements and mitigation actions to business owners and D&IT stakeholders
  • Assist review of client security requirements in contracts and aggregate relevant clauses to inform contractual risk
  • Assist development of user training aligned with cyber threat landscape, establish and implement metrics, and propose enhancements

Preferred Qualifications

  • Strong analytical, organizational, and communication skills
  • Professional certifications such as CRISC, CISSP or others
  • Experience with ServiceNow Risk Management platform
  • Knowledge of FAR, DFARS, CMMC
  • Experience with GRC platforms and risk management methodologies
  • Ability to work independently and collaboratively as required

Minimum Qualifications

  • Bachelor’s degree in information systems, Information Security, or a related field
  • 7–10 years of experience in GRC executing or auditing against standards, frameworks, and industry regulations
  • Demonstrated experience supporting GRC functions for global companies
  • Solid proficiency in risk assessment methodologies and frameworks
  • Proven ability to assess alignment of internal policy, process, control design and operations, and cyber risk management with regulatory standards and frameworks
  • Strong collaboration with IT teams
  • Familiarity with industry standards and frameworks (e.g., NIST CSF and supporting SP’s, ISO 27001, AICPA SOC)
  • Working knowledge of cyber and privacy laws and regulations
  • Solid understanding of information security principles and concepts
  • Strong desire to create task and functional efficiencies through use of technology and tools, especially GenAI

Salary Plan

ITS: Information Technology Service

Job Grade

016

Black & Veatch endeavors to make www.bv.com/careers accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at +1-913-359-1622 or via our accommodations request form This contact information is for disability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.

Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.

Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.

To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.

A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program.

We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.

By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.

BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.

Notice to External Search Firms Black & Veatch does not accept unsolicited resumes and will not be obligated to pay a placement fee for unsolicited resumes. Black & Veatch Talent Acquisition engages with search firms directly for hiring needs.

Black & Veatch

About Black & Veatch

Black & Veatch is an employee-owned, global leader in building critical human infrastructure in Energy, Water, Digital Connectivity and Government Services. Since 1915, we have helped our clients improve business operations and the lives of people in over 100 countries through consulting, engineering, construction, operations and program management. Our purpose is building a world of difference and our vision is to be THE leader in sustainable infrastructure.

Black & Veatch Holding Company, its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.

Industry
Architecture & Engineering
Company Size
10,000+ employees
Headquarters
Overland Park, KS
Year Founded
1915
Website
bv.com
Social Media