Senior Manager, Cybersecurity Strategy & Governance
Requisition ID: 292607
- Relocation Authorized: None
- Telework Type: Part-Time Telework
- Work Location: Reston, VA
Extraordinary teams building inspiring projects:
Since 1898, we have helped customers complete more than 25,000 projects in 160 countries on all seven continents that have created jobs, grown economies, improved the resiliency of the world's infrastructure, increased access to energy, resources, and vital services, and made the world a safer, cleaner place.
Differentiated by the quality of our people and our relentless drive to deliver the most successful outcomes, we align our capabilities to our customers' objectives to create a lasting positive impact. We serve the Infrastructure; Nuclear, Security & Environmental; Energy; Mining & Metals; and Manufacturing and Technology markets. Our services span from initial planning and investment through start-up and operations.
Core to Bechtel is our Vision, Values and Commitments. They are what we believe, what customers can expect, and how we deliver. Learn more about our extraordinary teams building inspiring projects in our Impact Report.
Job Summary:
Reporting to the CISO, the Senior Manager for Cybersecurity Strategy & Governance is the principal strategic partner responsible for developing, operationalizing, and governing Bechtel’s enterprise cybersecurity program. The Senior Manager leads the creation and execution of the organization’s end‑to‑end cybersecurity strategy (Strategy to Execution), ensuring alignment with business goals and recognized frameworks such as NIST Cybersecurity Framework (CSF) 2.0; ensures clarity of cybersecurity responsibilities and leadership accountability; oversees cybersecurity program governance, KPI development, and the IT Audit function; and ensures coordinated execution across all teams.
Major Responsibilities:
- Cybersecurity Strategy: Define, maintain, and execute the enterprise cyber strategy and multi‑year roadmap aligned to business objectives and NIST CSF 2.0 governance outcomes. Drive the program to improve overall cybersecurity maturity, matching program maturity gaps in capabilities with investment strategies.
- Governance & Policy Oversight: Establish and lead the cybersecurity governance model, including executive engagement, policy oversight, role clarity, and bi-annual external maturity assessments aligned with NIST CSF and ISO/IEC 27001.
- Program Metrics, KPIs & Performance Management: Design and oversee enterprise cybersecurity KPIs and reporting (e.g., MTTD, MTTR, SLAs) to measure program effectiveness and inform executive and Audit Committee decision‑making.
- Financial Planning & Budget Governance: Leads annual cyber budget planning, forecasting, and financial stewardship, ensuring alignment of investments to strategic priorities and clear visibility into cost‑to‑value, consistent with modern CISO responsibilities that emphasize budget planning and risk‑aligned investment decisions.
- Program & Portfolio Management: Manages the cybersecurity program portfolio, ensuring structured prioritization, resource coordination, benefits realization, and delivery quality; establishes PMO‑style governance for major initiatives (e.g., technology upgrades, risk reduction programs, compliance‑driven remediation).
- Executive & Board Reporting: Prepares high‑quality, decision‑oriented reporting for the Audit Committee, Cybersecurity Working Group, and senior leadership on risk posture, maturity, strategic progress, and investment needs. Develops briefing materials, narrative analyses, dashboards, and talking points for CISO and executive presentations.
- Stakeholder & Cross‑Functional Leadership: Drive enterprise‑wide alignment and adoption of cybersecurity practices through collaboration with IT, Legal, HR, Compliance, Supply Chain, and business leaders. Represents the CISO in internal and external meetings, customer due diligence sessions, and vendor engagements as needed.
- IT Audit: Provides strategic oversight of the IT audit program, defining audit scope and priorities, translating audit results into actionable risk insights and ensuring timely remediation.
Education and Experience Requirements:
Bachelor’s degree and 10 or more years’ experience in cybersecurity, technology governance, risk management, or related domains; or, in lieu of a degree, an additional 5 or more years’ experience in a strategy, governance, or leadership capacity.
Prefer Graduate degree (MBA, MS Cybersecurity, or equivalent). Prefer Certifications such as CISSP, CISM, CRISC, CGEIT, or PMP.
Required Knowledge and Skills:
- Deep understanding of NIST CSF and its governance, risk, policy, and oversight expectations.
- Prefer experience creating or managing programs aligned with ISO/IEC 27001 governance requirements, particularly Clause 5.3’s mandate for clearly defined responsibilities and authorities.
- Demonstrated experience developing board‑level cybersecurity reporting and communications; experience with program/portfolio management and cybersecurity budgeting.
- Prefer experience in large, complex organizational environments with matrixed decision structures.
- Strategic Thinking: Ability to translate complex risks and technical issues into clear, actionable strategies informed by NIST CSF and ISO 27001 structure.
- Governance Expertise: Strong policy design, governance architecture, and oversight capabilities aligned with industry best practices.
- Analytical Depth: Ability to design and interpret KPIs to guide executive‑level decision‑making.
- Communication Excellence: Exceptional writer and presenter capable of producing board‑quality materials.
- Cross‑Functional Leadership: Adept at influencing across functions and collaborating in complex environments.
- Execution Discipline: Strong follow‑through, prioritization, and program delivery skills.
Total Rewards/Benefits:
For decades, Bechtel has worked to inspire the next generation of employees and beyond! Because our teams face some of the world's toughest challenges, we offer robust benefits to ensure our people thrive. Whether it is advancing careers, delivering programs to enhance our culture, or providing time to recharge, Bechtel has the benefits to build a legacy of sustainable growth. Learn more at Bechtel Total Rewards.
Diverse teams build the extraordinary:
As a global company, Bechtel has long been home to a vibrant multitude of nationalities, cultures, ethnicities, and life experiences. This diversity has made us a more trusted partner, more effective problem solvers and innovators, and a more attractive destination for leading talent.
We are committed to being a company where every colleague feels that they belong, where colleagues feel part of "One Team," respected and rewarded for what they bring, supported in pursuing their goals, invested in our values and purpose, and treated equitably. Click here to learn more about the people who power our legacy.
Bechtel is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, age, national origin, disability, citizenship status (except as authorized by law), protected veteran status, genetic information, and any other characteristic protected by federal, state or local law. Applicants with a disability, who require a reasonable accommodation for any part of the application or hiring process, may e-mail their request to acesstmt@bechtel.com