Chief Information Security Officer Director

KBR
Leatherhead, United Kingdom
2 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Senior

Job location

Leatherhead, United Kingdom

Tech stack

Amazon Web Services (AWS)
Azure
Software as a Service
Cloud Computing Security
Computer Security
Human Resources Information System (HRIS)
Systems Integration
Enterprise Software Applications
Information Technology
Data Management
Cloud Migration

Job description

  • Define, lead, and execute KBR's information security strategy, operating model, and multiyear roadmap aligned with enterprise objectives
  • Serve as the enterprise authority on cyber risk, threat posture, and resilience, advising executive leadership on risk-based decision making
  • Establish and maintain corporate information security policies, standards, and governance aligned to frameworks and requirements such as NIST CSF, ISO 27001, SOX ITGCs, GDPR, and Australian and UK data protection requirements
  • Oversee enterprise-wide risk management and compliance:
      • Conduct regular risk and information security assessments to identify security vulnerabilities and threats, both internal and external
      • Develop and implement risk mitigation strategies and security controls to reduce and manage identified risks
      • Monitor compliance with applicable laws, regulations, and contractual obligations related to information security
  • Lead incident response and breach management, including executive communications, regulatory coordination, and post-incident remediation
  • Partner with IT and Digital teams to embed secure-by-design practices into cloud adoption, enterprise applications (ERP, HRIS, CRM), data platforms, and automation initiatives
  • Oversee third-party and supplier cyber risk management for vendors and technology partners
  • Support enterprise initiatives including M&A, divestitures, and system integrations from a cybersecurity and risk perspective
  • Build, lead, and develop a high-performing global information security organization
  • Drive enterprise-wide security awareness, training, and accountability to strengthen KBR's cyber culture
  • Collaborate across regions and functions in alignment with KBR's team of teams operating model

Requirements

Do you have experience in NIST standards? Do you have a Master's degree?

  • Bachelor's degree in computer science, information security, engineering, or a related field
  • Progressive professional experience in information security, IT risk, or technology leadership
  • Proven ability leading enterprise or cybersecurity programs in a global organization
  • Expertise securing IT environments, including cloud, SaaS, identity, and enterprise applications
  • Executive-level communication skills with the ability to translate technical risk into business impact
  • Professional certifications, preferably CISSP, CISM, or CRISC

Preferred Qualifications:

  • Master's degree or MBA
  • Proficiency supporting public company environments, including SOX and internal audit collaboration
  • Competency leading information protection initiatives and building security culture in an international organization
  • Cloud security expertise (AWS, Azure, or similar platforms)
  • Demonstrated capacity in supporting large-scale digital transformation or enterprise modernization initiatives
  • Proven success operating within a matrixed, multinational organization
  • Effective leadership presence with the ability to influence
