**Manager of Cyber Governance, Risk, and Compliance** Date: Aug 19, 2025 Location: Cary, NC, US Overland Park, KS, US Company: Black & Veatch Family of Companies **Together, we own our company, our future, and our shared success.** As an employee-owned company, our people _are_ Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference. **Company :** Black & Veatch Corporation **Req Id :** 110364 **Opportunity Type :** Staff **Relocation eligible :** Yes **Full time/Part time :** Full-Time **Project Only Hire :** No **Visa Sponsorship Available:** No **Why Black and Veatch** Black & Veatch allows you to lend your talent and perspective to humanity’s biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation; 401K match and benefits that start day 1. Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use. **The Opportunity** The **Manager of Governance, Risk and Compliance (GRC)** is a leadership role within the cyber security organization. This individual is responsible for establishing and maintaining a comprehensive GRC framework, ensuring compliance with regulatory requirements, managing third-party risks, and overseeing enterprise-wide risk management processes. The Director will work closely with executive leadership, cyber security, legal, IT, and other key stakeholders to safeguard the organization's interests and promote a culture of risk awareness and accountability. **Key Responsibilities** **Governance, Risk and Compliance (GRC)** + Develop, implement, and maintain the GRC framework and strategy. + Ensure compliance with relevant laws, regulations, and industry standards. + Conduct regular risk assessments and compliance audits. + Monitor and report on the effectiveness of GRC initiatives to senior leadership. + Develop and deliver GRC training programs to employees. **Privacy** + Oversee the organization's privacy policies and practices. + Ensure compliance with global privacy regulations, including GDPR and CCPA. + Manage data protection and privacy breach response processes. + Conduct privacy impact assessments and audits. + Provide guidance on privacy-related matters to business units and stakeholders. **Policy and Technology Oversight** + Develop and maintain policies related to GRC, privacy, and risk management. + Ensure alignment of policies with organizational goals and regulatory requirements. + Oversee the implementation of technology solutions that support GRC and risk management activities. + Evaluate and select GRC and risk management tools and technologies. **Third-Party Risk Management** + Develop and implement a third-party risk management program. + Conduct due diligence and risk assessments of third-party vendors and partners. + Monitor third-party compliance with contractual and regulatory requirements. + Establish and maintain relationships with key third-party stakeholders. + Report on third-party risk management activities to senior leadership. **Enterprise Risk Management (ERM)** + Represent cyber security and information technology within the enterprise risk management framework. + Oversee the technology areas to identify, assess, and prioritize enterprise risks. + Develop and implement risk mitigation strategies and action plans. + Monitor and report on the status of enterprise risks and mitigation efforts. + Promote a culture of risk awareness and accountability across the organization. **Preferred Qualifications** + Bachelor's degree in business administration, law, or a related field; advanced degree preferred. + Minimum of 10 years of experience in GRC, privacy, risk management, or a related field. + Strong knowledge of relevant laws, regulations, and industry standards. + Proven experience in developing and implementing GRC and risk management frameworks. + Excellent communication, leadership, and interpersonal skills. + Ability to work collaboratively with cross-functional teams and stakeholders. + Professional certifications such as CCEP, CIPP, CRISC, or similar are highly desirable. **Key Competencies** + Strategic thinking and problem-solving abilities. + Strong analytical and decision-making skills. + Ability to manage multiple priorities and deliver results under pressure. + High ethical standards and integrity. **Minimum Qualifications** + Bachelor's degree + 15+ years of experience + All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations. **Work Environment/Physical Demands** Hybrid or flexible work options may be offered after the first 90 days of employment based upon manager discretion, job performance and work assignments. **Salary Plan** ITS: Information Technology Service **Job Grade** 008 Black & Veatch endeavors to makeaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at +1-913-359-1622 or via our. This contact information is for disability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned. Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy. Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program. To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time. A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program. We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership. By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients. BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law. For our EEO Policy Statement, please click. **Notice to External Search Firms** : Black & Veatch does not accept unsolicited resumes and will not be obligated to pay a placement fee for unsolicited resumes. Black & Veatch Talent Acquisition engages with search firms directly for hiring needs. **Job Segment:** Engineer, Engineering