Industrial Cybersecurity Senior Consultant

 

At Black & Veatch, our employee-owners go beyond the project. For over a century, we have been breaking down social, economic and geographic barriers by making life's critical resources accessible to all. Working with us, you will help provide critical expertise as we, along with our valued clients, deliver solutions that positively impact communities around the world. Our professionals are our greatest asset, and we believe nothing is more important than the health, happiness and professional growth of our employee-owners. With a focus on flexible work-life balance options, an expanding and diverse workforce, and limitless career growth opportunities, we will give you our best to help you give us your best, and together we can build a world of difference. 

 

Req Id : 108189 

Opportunity Type : Staff 

Relocation eligible : No 

Full time/Part time : Full-Time  

Contract Hire Only for this Project : No 

Visa Sponsorship Available: [[custVisaSponsorship]]  

Why Black and Veatch

Black & Veatch allows you to lend your talent and perspective to humanity’s biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation; 401K match and benefits that start day 1. 
 

Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use.

The Opportunity

The Industrial Cybersecurity Senior Consultant manages or contributes to technical consulting projects and implementation services for critical infrastructure clients. The Industrial Cybersecurity Lead leverages their technical and industry knowledge of OT networks and industrial cybersecurity to contribute to the completion of multiple engagement phases.  

 

In this role, you will assess clients’ security posture, develop recommendations to enhance their programs and technologies, and implement recommendations outlined in master plans. This is a hands-on role, blending technical capabilities with analysis and customer guidance.  The role requires a wide range of duties, including onsite assessments, customer relationship management, compliance and standards reviews, security architecture analyses, plan development, and technology implementation and integration. The role also involves running effective customer meetings and risk management workshops, as well as the ability to write a customer maturity analysis.   The Industrial Cybersecurity Senior Consultant demonstrates capabilities with minimal level of oversight from more senior level professionals. The scope and size of projects they contribute to are generally medium to large in size or they may own a moderate to significant portion of a larger project.  The Industrial Cybersecurity Senior Consultant might manage and develop a delivery team. This will include the hiring, training, and day-to-day supervision of a team of technical consultants and implementation specialists.  

 

This role will be designated in our business traveler work schedule. We are committed to providing a healthy, safe and flexible work environment for all professionals while helping them remain productive and connected. Our business traveler work schedule includes BV professionals who travel consistently 60% or more of their work schedule and provide flexibility around being in an office location.  

• Days during travel weeks that are non-travel days, professionals may work in the office or at a remote location.  
• On non-travel work weeks, professionals may work in a BV office location 3 days a week and in a remote location 2 days a week.  
   

Key Responsibilities

Technical Consulting and Implementation Capabilities:  

• Assesses people, process, and technical dimensions of client cybersecurity posture  
• Develops and writes master plans and cybersecurity programs of work that combine analyses, reviews, and recommendations of client industrial cyber programs, technologies, and networks  
• Leads workshops, data collection, tabletop exercises and client interviews  
• Conducts asset and vulnerability scanning of customer networks, including the installation of scanning and monitoring technologies  
• Performs walk-downs of client sites to assess cyber and physical security postures  
• Applies industrial cybersecurity standards and regulatory requirements (e.g., NERC CIP, NIST, IEC 62443) to customer programs  
• Performs technical (e.g., segmentation, hardening, technology integration) and programmatic (e.g., policies, response plans) implementation of master plans and recommendations  
• Contributes to quality review on own engagements  
• Develops applicable knowledge bases by using best practices to redefine tools and techniques. Outlines specific performance measures, targets, and goals to articulate the business case for realized efficiencies or added value  
• Challenges client’s current strategy and direction through persuasive argument. Defines competitive advantage and achievable value to the client through use of the strategic change components and metrics. Formulates issue-based hypotheses and develops analytical plan for testing. Contributes to analysis of impact of strategic changes by defining linkages and interdependencies.   
• Utilizes specialized knowledge to produce complex work products and solutions across all phases of an engagement  
• Anticipates and resolves technical problems with minimal technical assistance from others  
• Develops, presents, and defends conclusions, recommendations, and implementation plans  
• Identifies technical issues impacting an engagement and proposes solutions  
• Analyzes and applies best practices knowledge of the industry  
• May contribute to the development and implementation of the strategic direction and objectives of a service offering  

Project Management Capability (where applicable):  

• Manages moderate to highly complex engagements through all stages and phases  
• Secures commitment and participation from the client’s senior management by leveraging relationships  
• Recommends appropriate resources based on the phases of an assignment  
• Delegates work to assigned team members  
• Uses defined processes and practices in assessing engagement risks  
• Manages engagement issues in less complex projects or escalates issues in more complex projects  
• Identifies and develops new sales opportunities with existing or new clients  
• Secures receivables from clients during and after completion of engagements  

Team Leadership (if applicable):  

• Hires, trains, and develops delivery teams  
• Supervises and manages day-to-day activities for delivery team  
• Transfers knowledge, capabilities, and skills to improve others’ knowledge and skill levels   
• Provides ongoing feedback to professionals on the projects    
• Contributes to the career development of others through engagement assignments and general evaluation  
• Delegates work duties according to the development opportunities and needs of individuals  

Minimum Qualifications

• Bachelor's Degree or relevant work experience
• Has managed significant engagements
• 10+ years in a business/consulting environment
• All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.

Preferred Qualifications

• Experience applying common OT standards and regulations (e.g., NIST, IE6433, CMMC, NERC CIP)  
• Experience scoping technical projects  
• Proven ability to assess security architectures of OT networks  
• Direct experience in planning and facilitating risk workshops, table-top exercises, and other client-facing work sessions  
• Experience with OT Security-by-design and/or new OT in construction  
• Has managed significant engagements  
• 10+ years in a business/consulting environment  

Preferred Qualifications  

• Experience at customer sites  
• Proven experience with OT penetration testing and/or red teaming  
• Proven ability to install monitoring technologies (e.g., Nozomi, Dragos, Tenable, Claroty)  
• Experience conducting maturity and technical assessments  
• Proven team leadership and management experience  
• Graduate degree(s) preferred  
• 2+ years business development experience preferred  

Certifications

• Other relevant cybersecurity certifications (e.g., Nozomi, Fortinet, Dragos, Tenable) - preferred  

Work Environment/Physical Demands

Normal office environment with a hybrid work schedule: 3 days in office and 2 days remote 

Salary Plan

CST: Consulting

Job Grade

005

BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) affirmative action laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.

 

Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy. We offer professionals an array of health and welfare benefits that vary based on their geographic region and employment status. This may include health, life accident and disability insurances, paid time off, financial programs and more. Professionals may also be eligible for a performance-based bonus program.

 

By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.