Cyber Third Party Risk Management Lead

Requisition ID: 289524

• Relocation Authorized: None
• Telework Type: Full-Time Telework
• Work Location: Reston, VA
• Salary Range: $105,060 - $160,220 annually (Determined by function, education, experience, and qualifications of the applicant.)

Extraordinary Teams Building Inspiring Projects
Since 1898, we have helped customers complete more than 25,000 projects in 160 countries on all seven continents that have created jobs, grown economies, improved the resiliency of the world's infrastructure, increased access to energy, resources, and vital services, and made the world a safer, cleaner place.

Differentiated by the quality of our people and our relentless drive to deliver the most successful outcomes, we align our capabilities to our customers' objectives to create a lasting positive impact. We serve the Infrastructure; Nuclear, Security & Environmental; Energy; Mining & Metals, and the Manufacturing and Technology markets. Our services span from initial planning and investment, through start-up and operations.

Core to Bechtel is our Vision, Values and Commitments . They are what we believe, what customers can expect, and how we deliver. Learn more about our extraordinary teams building inspiring projects in our Impact Report .

Job Summary
As the lead for the third-party cybersecurity risk management team, you will oversee the intake, prioritization, and evaluation of cyber risks for Bechtel's global operations. In this role, you ensure that all technology risk evaluation requests are completed promptly and in accordance with Bechtel's information security standards and governance requirements. You will provide guidance and mentorship to junior assessors and serve as the primary liaison among internal stakeholders, including architecture, release and deployment, and procurement teams. Your leadership will drive clarity, accountability, and timely resolution of cyber risk management issues, helping to safeguard Bechtel's operations and support continuous improvement in risk management practices.

Major Responsibilities
Intake & Prioritization

• Manage the timeline and scheduling on behalf of the team throughout the full lifecycle of cyber risk evaluations, from initiation to closure, including prioritization based on business impact and risk.
• Participate in weekly prioritization meetings to align stakeholders within the risk management process on current sprint goals and backlog management.

Risk Evaluation & Documentation

• Draft and deliver information security risk assessments.
• Collaborate with procurement, contracts, architecture teams as well as internal customers to support progress of the evaluations and associated risks for cloud and on-prem solutions.
• Serve as the primary point of contact for internal customers and stakeholders, including project managers, innovation leads, and vendor liaisons.

Process Optimization

• Identify bottlenecks in the third-party cyber risk management process and propose automation or procedural improvements.
• Provide training and mentorship to junior staff and new team members on cybersecurity, risk management, and evaluation standards.

Audit & Compliance Support

• Support audit handoffs and ensure demand documentation meets compliance standards.

Education And Experience Requirements
Requires bachelor's degree (or international equivalent) and 8-10 years of relevant experience or 12-14 years of relevant work experience

Required Knowledge And Skills

• Excellent communication and stakeholder management skills.
• Experience with cybersecurity, vendor risk management and third-party due diligence.
• Strong understanding of cloud-based services, enterprise architecture, information security industry standards and regulatory frameworks (e.g., ISO27001, Cyber Essentials, FedRAMP, etc.).
• Bachelor's degree in information systems, cybersecurity, or related field (or international equivalent).
• 8+ years of experience in cybersecurity, risk management or other professional experience related to cybersecurity risk management.
• Proficiency in ServiceNow, Microsoft 365, and risk assessment tools.

Preferred Qualifications

• Uses data analytics to identify current critical risks and recommend actions to improve.
• Identify policy and procedure gaps and leads policy development.

Total Rewards/Benefits
For decades, Bechtel has worked to inspire the next generation of employees and beyond Because our teams face some of the world's toughest challenges, we offer robust benefits to ensure our people thrive. Whether it is advancing careers, delivering programs to enhance our culture, or providing time to recharge, Bechtel has the benefits to build a legacy of sustainable growth. Learn more at Bechtel Total Rewards

Diverse Teams Build The Extraordinary
As a global company, Bechtel has long been home to a vibrant multitude of nationalities, cultures, ethnicities, and life experiences. This diversity has made us a more trusted partner, more effective problem solvers and innovators, and a more attractive destination for leading talent.

We are committed to being a company where every colleague feels that they belong-where colleagues feel part of "One Team," respected and rewarded for what they bring, supported in pursuing their goals, invested in our values and purpose, and treated equitably. Click here to learn more about the people who power our legacy.

At Bechtel, our employees enjoy a competitive total rewards package that includes comprehensive medical, dental, and vision plans, along with optional disability and supplemental insurance options, generous paid time off (160 hours annually, accrued 6.16 hours per pay period), nine paid holidays, paid parental leave, discretionary bonuses, and a well-designed 401K plan with matching and profit-sharing components
Bechtel is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity and expression, age, national origin, disability, citizenship status (except as authorized by law), protected veteran status, genetic information, and any other characteristic protected by federal, state or local law. Applicants with a disability, who require a reasonable accommodation for any part of the application or hiring process, may e-mail their request to