Principal Cyber Risk Advisor, Cybersecurity M&A

About The Position

Requirements

• 10+ years in cybersecurity with significant M&A diligence and integration/separation leadership.
• Experience across IT and OT/ICS security, including segmentation and operational resilience.
• Deep knowledge of NIST CSF, SP 800-53/800-171, and 800-82; familiarity with NERC CIP.
• Proven ability to quantify risk/remediation and translate into deal economics and SPA/TSA language.
• Track record delivering Day 1 readiness and 30/60/100-day execution with TSA exits in global environments.
• Hands-on depth in IAM/PAM, network/cloud security, endpoint/EDR, data protection, logging/monitoring, vuln mgmt, third-party risk, IR, and BCP/DR.
• Executive communication and matrix leadership; ability to lead external advisors.
• Bachelor’s degree in cybersecurity, computer science, engineering, or related field (or equivalent experience).

Nice To Haves

• OT-heavy transaction experience (generation, grid, renewables); prior clean-room design/operations.
• Risk quantification (e.g., FAIR or equivalent); Lean/Agile/PMO experience with metrics focus.
• Experience improving cyber insurance submissions and influencing SPA/TSA controls.
• Relevant certifications: CISSP, CISM, CRISC, CISA, GICSP, CCSK/CCSP, cloud provider certs.

Responsibilities

• Lead pre-sign red-flag and full due diligence for GE Vernova's Deal Processes in DT and OT/ICS targets aligned to NIST CSF, SP 800-53/800-171, and 800-82.
• Quantify risk and remediation (capex/opex, timeline) and translate into valuation, PPAs, holdbacks, R&Ws/indemnities, and closing conditions.
• Own Day 1 control readiness; build and execute 30/60/100-day plans and drive TSA exit milestones.
• Develop and run standard playbooks for IAM/PAM, network segmentation/zero trust, endpoint/EDR, cloud tenancy/landing zones, app security, data discovery/classification/transfer, logging/SIEM, vulnerability management, third-party risk, IR, and BCP/DR.
• Design/govern safe OT/ICS integration and segmentation strategies; assess NERC CIP applicability and compliance contours.
• Establish clean-room protocols and data handling standards; ensure privacy and cross-border compliance (e.g., DPIAs).
• Operate in a matrix with DT M&A/PMO, Business Development, Legal, Privacy, Finance, Insurance, Sourcing, and BU security; lead cross-functional squads.
• Manage third-party providers for surge capacity/testing/regulatory advisory; integrate and QA outputs.
• Track and report KPIs (flow efficiency, diligence cycle time, Day 1 control coverage, TSA months saved, post-close findings); drive continuous improvement.
• Provide executive-ready risk narratives, options/trade-offs, and recommendations under tight timelines.

Benefits

• medical, dental, vision, and prescription drug coverage
• access to Health Coach from GE Vernova, a 24/7 nurse-based resource
• access to the Employee Assistance Program, providing 24/7 confidential assessment, counseling and referral services
• GE Vernova Retirement Savings Plan, a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions, as well as access to Fidelity resources and financial planning consultants
• tuition assistance
• adoption assistance
• paid parental leave
• disability benefits
• life insurance
• 12 paid holidays
• permissive time off