Cybersecurity Business Information Security Officer (BISO)

Extraordinary teams building inspiring projects:

Since 1898, we have helped customers complete more than 25,000 projects in 160 countries on all seven continents that have created jobs, grown economies, improved the resiliency of the world's infrastructure, increased access to energy, resources, and vital services, and made the world a safer, cleaner place. 

Differentiated by the quality of our people and our relentless drive to deliver the most successful outcomes, we align our capabilities to our customers' objectives to create a lasting positive impact. We serve the Infrastructure; Nuclear, Security & Environmental; Energy; Mining & Metals, and the Manufacturing and Technology markets. Our services span from initial planning and investment, through start-up and operations. 

Core to Bechtel is our Vision, Values and Commitments. They are what we believe, what customers can expect, and how we deliver. Learn more about our extraordinary teams building inspiring projects in our Impact Report. 

Job Summary:

Reporting to the Manager of Business Engagement, the Cybersecurity Business Information Security Officer – BISO, serves as the primary interface between Bechtel’s Global Business Units (GBUs) and the enterprise cybersecurity organization. The role ensures cybersecurity strategy, risk management, and assurance activities are embedded into business operations, engineering delivery, and project execution. The role is accountable for proactively identifying, assessing, and managing cybersecurity risks within the business; providing assurance that controls meet Bechtel policies, standards, and regulatory obligations; and ensuring alignment with evolving business, customer, and regulatory cybersecurity requirements. Enables secure innovation, facilitates technology adoption, and leads cybersecurity risk posture and assurance.

*This position can be based in Reston, VA or Houston, TX.

Major Responsibilities:

Risk Management & Assurance:

Serves as the primary cybersecurity risk advisor to assigned GBU’s, ensuring cyber risks are proactively assessed and managed in alignment with Bechtel’s risk appetite. 

Owns and oversees the GBU cybersecurity risk posture, ensuring appropriate governance, assurance, audit readiness, and compliance. 

Drives and aligns cybersecurity risk assessments for business processes, digital engineering platforms, cloud solutions, AI initiatives and third-party integrations. 

Ensures remediation plans for identified risks are clearly defined, tracked, and executed. 

Supports internal and external audits, regulatory reviews, and customer-driven cybersecurity assessments. 

Partners with Third-Party Risk Management to assess and manage cybersecurity risks associated with suppliers, joint ventures, subcontractors, and strategic partners. 

Business Alignment & Secure Enablement:

Acts as the primary bridge between business leadership and cybersecurity, ensuring security priorities align with business objectives, project delivery timelines, and regulatory obligations. 

Advises business stakeholders through IT and digital intake processes as it relates to cybersecurity, including review of technical documentation and facilitation of cybersecurity and enterprise architecture reviews for new and changed technologies. 

Works directly with GBU leadership to understand customer-driven, contract-driven, and regulatory cybersecurity requirements in the regions and sectors they operate. 

Translates business requirements into clear cybersecurity needs and work with central cybersecurity teams to ensure alignment, feasibility, and timely delivery of controls. 

Enables the secure adoption of emerging technologies (e.g., cloud platforms, digital engineering solutions, data analytics, AI, and OT systems) while maintaining appropriate risk management and assurance. 

Advisory, Communication & Change Leadership:

Advises business leaders, project teams, and functional stakeholders on cybersecurity requirements, risk considerations, and best practices. 

Serves as GBU POC and coordinates incident response activities within Cyber Defense Center. 

Promotes a culture of shared accountability for cybersecurity risk and operational resilience. 

Provides leadership with tailored dashboards, metrics, and reports on cybersecurity risk posture, trends, compliance status, and assurance outcomes. 

Acts as a change ambassador, supporting business units through technology and process changes while maintaining resilience and delivery commitments.

Education and Experience Requirements:

Requires bachelor’s degree in a relevant discipline plus 8 years progressive experience in information security, cybersecurity, or risk management roles - including 2 years working directly with business units or in a liaison role aligning technology and business objectives.

Prefer 3-5 years’ experience in governance, risk, compliance, or regulated environments (e.g., FIMSA, GBLA, export controls, or large-scale infrastructure programs).

Required Knowledge and Skills:

Demonstrated experience in stakeholder engagement and executive-level communication, with the ability to influence InfoSec/Cyber/Assurance outcomes across complex, matrixed organizations. 

Experience with industry-recognized frameworks and standards such as NIST, ISO/IEC 27001/27002, CSA, or equivalent. 

Demonstrated experience driving proactive identification and mitigation of cybersecurity risks within business and project delivery environments. 

Experience managing or influencing enterprise-level initiatives, including application portfolios, digital platforms, and IT intake and governance processes. 

Demonstrated project and program management skills. 

Prefer Project Management Professional (PMP) Certification or formal Project Management training. 

Prefer Certified Information Systems Security Professional (CISSP). 

Prefer Certified Information Security Manager (CISM).

Total Rewards/Benefits:

For decades, Bechtel has worked to inspire the next generation of employees and beyond! Because our teams face some of the world's toughest challenges, we offer robust benefits to ensure our people thrive.  Whether it is advancing careers, delivering programs to enhance our culture, or providing time to recharge, Bechtel has the benefits to build a legacy of sustainable growth. Learn more at Bechtel Total Rewards

Diverse teams build the extraordinary:

As a global company, Bechtel has long been home to a vibrant multitude of nationalities, cultures, ethnicities, and life experiences. This diversity has made us a more trusted partner, more effective problem solvers and innovators, and a more attractive destination for leading talent.

We are committed to being a company where every colleague feels that they belong-where colleagues feel part of "One Team," respected and rewarded for what they bring, supported in pursuing their goals, invested in our values and purpose, and treated equitably. Click here to learn more about the people who power our legacy.