AECOM Senior Director, Business Security and Trust Assurance in Dublin, Ireland
United States of America - California, Los Angeles
AECOM is seeking a Senior Director, Business Security and Trust Assurance to help establish and lead a Business Enablement Security Office. This leader will be central and core to the business and advocate for alignment of the security agenda with business agendas and objectives. The role will be the focal point for effective engagement between business lines and the Information/Cyber Security Team. This role is dedicated to bringing awareness to the information and cyber security services and focusing on reducing risk within the business lines/regions and working closely with the lines of business leadership to identify current and future opportunities to improve the security and risk posture of AECOM and the safeguarding of our client’s data.
This position can be based from a variety of international locations (not limited to those listed) and will be primarily remote.
At AECOM, we believe infrastructure creates opportunity for everyone. Whether it’s improving your commute, keeping the lights on, providing access to clean water or transforming skylines, our work helps people and communities thrive.
We take on the most complex challenges and pioneer innovative, iconic solutions that push the limits of what’s possible – the world’s longest cable-stayed bridge, record-breaking sports events, the largest greenfield port development mega project, life-sustainingdisaster recovery programs, and the tallest tower in the Western Hemisphere.
On projects spanning transportation, buildings, water, energy and the environment, we deliver professional services throughout the project lifecycle.
We are proud to be recognized for excellence:
Named one of Fortune magazine's "World's Most Admired Companies" for the sixth consecutive year
Ranked #1 in Engineering News-Record ’s 2020 “Top 200 Environmental Firms”
Ranked #1 in Transportation and General Building in Engineering News-Record ’s 2020 “Top 500 Design Firms”
VIQTORY 2020 Military Friendly® Gold Employer
Major Tasks and Responsibilities:
Global remit for the security teams responsible for representing the information and cyber security program within the business lines/regions.
Drive security and operational risk initiatives globally within the Business Lines and Regions.
Ensure the information security agenda aligns to global business goals and objectives.
Bring awareness and visibility to security policies, standards and processes.
Understand business line strategies and requirements and collaborate with the security team to support the delivery of secure transformation and business led projects.
Partner with the business to identify, analyze and mitigate security risks; appropriately assess risk when business decisions are made.
Support the business in maintaining compliance with internal policies/standards, local laws and regulations, and other (international) guidelines / industry standards for information security.
Ensure compliance with security practices/standards and reduce security risks through business process opportunities.
Be a trusted advisor and consultant of choice for business leadership, ensuring clear visibility into patterns and trends that impact the business control environment and risk posture.
Report to management on security developments and risks/issues identified globally within the business lines.
Support and sponsor information security awareness, training, and education programs/initiatives.
Keep abreast of new technologies, regulatory changes, industry best practices and establish a communication vehicle to ensure business partners are aware.
Respond to client security inquiries/escalations in support of business projects.
Oversee the resources responsible for working with the Business and the Incident Response team to drive incidents to acceptable resolution; perform post-mortem/root cause; implement business process improvements
Knowledge, Skills, Abilities, and Competencies:
Demonstrated ability to influence internal and external stakeholders to achieve success.
Highly developed relationship management and partnership skills across business functions.
Security and business integration experience with proven capability in both technical abilities and organizational awareness to identify, manage, monitor, and report key risks across the organization.
Ability to translate technical security concepts into consumable language for business stakeholders
Broad understanding of security disciplines and cloud providers/solutions to ensure data protection, risk mitigation, etc.
Level specific responsibilities:
Acts as a liaison to executive and functional management.
Develops, approves and directs the implementation of overall IS standards, guidelines, policies and procedures.
Responsible for review and acceptance of IS programs.
Directs assigned projects and support functions for the successful completion of projects.
Oversees the development and maintenance of a qualified and motivated staff.
Reports, to executive and senior management, the status of programs and support activities.
Provides consultation and support to project groups and users in operating systems.
Has budget/financial accountability for the entire IS organization. Sets the direction of the IS organization.
Develops strategic initiatives to bolster the services provided to the rest of the organization.
BA/BS plus EXTENSIVE relevant information security/cyber security experience or demonstrated equivalency of experience and/or education, including 6 years of leadership experience.
Strong communication skills (written and verbal) in English.
5 years of experience in Information Security and/or Cyber Security space.
Additional relevant experience and professional certifications (CISA, CISM, CRISC, CIPP, CISSP, etc.) desired.
Understanding of security frameworks including ISO27001/19650/NIST 800-171/800-53/etc.
Federal government frameworks experience (domestic & international)
Excellent written and oral communication skills.
Extensive experience in the information security field designing and implementing security solutions in a global context.
What We Offer
When you join AECOM, you become part of a company that is pioneering the future. Our teams around the world are involved in some of the most cutting-edge and innovative projects and programs of our time, addressing the big challenges of today and shaping the built environment for generations to come. We ensure a workplace that encourages growth, flexibility and creativity, as well as a company culture that champions inclusion, diversity and overall employee well-being through programs supported by company leadership. Our core values define who we are, how we act and what we aspire to, which comes down to not only delivering a better world, but working to “make amazing happen” in each neighborhood, community and city we touch. As an Equal Opportunity Employer, we believe in each person’s potential, and we’ll help you reach yours.
Job Category Information Technology
Business Line Corporate
Business Group Corporate
Country United States of America
Position Status Full-Time
Requisition/Vacancy No. 248884BR
Additional Locations CA - 35 Prospect Ave. Windsor Ontario, CA - Quebec, QC - 4700, Blvd Wilfrid-Hamel, HK - Shatin, N.T., IE - Dublin - Adelphi Plaza, MX - Mexico City, MEX -, US - Denver, CO - 7595 East Technology Way, US - Houston, TX - 19219 Katy Freeway
Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, sexual orientation, gender identity, disability or protected veteran status.