Principal Cyber Risk Advisor, Cybersecurity M&A at GE Vernova

Job Description SummaryLead GE Vernovas cybersecurity due diligence and integration/separation for a global M&A portfolio (acquisitions divestitures/carve-outs JVs minority investments) across IT and OT/ICS. Own a NIST-aligned workstream from pre-LOI red-flags through close and 30/60/100-day execution. Quantify and communicate cyber risk to inform valuation terms and closing conditions; ensure Day 1 control readiness; standardize reusable playbooks (IAM network/zero trust cloud endpoint data logging/monitoring vulnerability management third-party risk incident response BCP/DR); drive safe OT/ICS integration (incl. NERC CIP where applicable); operate in a matrix with DT M&A/PMO Legal Privacy Finance Insurance and BU security; manage external providers; track KPIs and reduce TSA duration.Job DescriptionEssential ResponsibilitiesLead pre-sign red-flag and full due diligence for GE Vernovas Deal Processes in DT and OT/ICS targets aligned to NIST CSF SP 800-53/800-171 and 800-82.Quantify risk and remediation (capex/opex timeline) and translate into valuation PPAs holdbacks R&Ws/indemnities and closing conditions.Own Day 1 control readiness; build and execute 30/60/100-day plans and drive TSA exit milestones.Develop and run standard playbooks for IAM/PAM network segmentation/zero trust endpoint/EDR cloud tenancy/landing zones app security data discovery/classification/transfer logging/SIEM vulnerability management third-party risk IR and BCP/DR.Design/govern safe OT/ICS integration and segmentation strategies; assess NERC CIP applicability and compliance contours.Establish clean-room protocols and data handling standards; ensure privacy and cross-border compliance (e.g. DPIAs).Operate in a matrix with DT M&A/PMO Business Development Legal Privacy Finance Insurance Sourcing and BU security; lead cross-functional squads.Manage third-party providers for surge capacity/testing/regulatory advisory; integrate and QA outputs.Track and report KPIs (flow efficiency diligence cycle time Day 1 control coverage TSA months saved post-close findings); drive continuous improvement.Provide executive-ready risk narratives options/trade-offs and recommendations under tight timelines.Key DeliverablesRed-flag memo; preliminary NIST scorecard; diligence plan and data room list; clean-room SOPs.Control gap assessment with target state; quantified remediation estimates; executive risk register and heatmap.OT/ICS Purdue mapping; zone/conduit strategy; NERC CIP relevance assessment (as applicable).Day 1 control checklist and exceptions log; 30/60/100-day plan with critical path and TSA exit criteria.Integration/separation runbooks/playbooks; cutover command-center and stabilization plans.SPA/TSA cyber clause recommendations; insurance underwriting package.Deal dashboard weekly executive updates risk/issue logs; post-close lessons learned; BU handover package.Required Qualifications10 years in cybersecurity with significant M&A diligence and integration/separation leadership.Experience across IT and OT/ICS security including segmentation and operational resilience.Deep knowledge of NIST CSF SP 800-53/800-171 and 800-82; familiarity with NERC CIP.Proven ability to quantify risk/remediation and translate into deal economics and SPA/TSA language.Track record delivering Day 1 readiness and 30/60/100-day execution with TSA exits in global environments.Hands-on depth in IAM/PAM network/cloud security endpoint/EDR data protection logging/monitoring vuln mgmt third-party risk IR and BCP/DR.Executive communication and matrix leadership; ability to lead external advisors.Bachelors degree in cybersecurity computer science engineering or related field (or equivalent experience).Location: Flexible US; hybrid/remote options based on candidate location.Travel: Some Domestic and international as required.Preferred QualificationsOT-heavy transaction experience (generation grid renewables); prior clean-room design/operations.Risk quantification (e.g. FAIR or equivalent); Lean/Agile/PMO experience with metrics focus.Experience improving cyber insurance submissions and influencing SPA/TSA controls.Relevant certifications: CISSP CISM CRISC CISA GICSP CCSK/CCSP cloud provider certs.Additional InformationGE Vernova offers a great work environment professional development challenging careers and competitive compensation. GE Vernova is anEqual Opportunity Employer. Employment decisions are made without regard to race color religion national or ethnic origin sex sexual orientation gender identity or expression age disability protected veteran status or other characteristics protected by law.GE Vernova will only employ those who are legally authorized to work in the United States for this opening. Any offer of employment is conditioned upon the successful completion of a drug screen (as applicable). Relocation Assistance Provided: No#LI-Remote - This is a remote positionFor candidates applying to a U.S. based position the pay range for this position is between $156100.00 and $260100.00. The Company pays a geographic differential of 110% 120% or 130% of salary in certain areas. The specific pay offered may be influenced by a variety of factors including the candidates experience education and skill set.Bonus eligibility: ineligible.This posting is expected to remain open for at least seven days after it was posted on December 08 2025.Available benefits include medical dental vision and prescription drug coverage; access to Health Coach from GE Vernova a 24/7 nurse-based resource; and access to the Employee Assistance Program providing 24/7 confidential assessment counseling and referral services. Retirement benefits include the GE Vernova Retirement Savings Plan a tax-advantaged 401(k) savings opportunity with company matching contributions and company retirement contributions as well as access to Fidelity resources and financial planning consultants. Other benefits include tuition assistance adoption assistance paid parental leave disability benefits life insurance 12 paid holidays and permissive time off.GE Vernova Inc. or its affiliates (collectively or individually GE Vernova) sponsor certain employee benefit plans or programs GE Vernova reserves the right to terminate amend suspend replace or modify its benefit plans and programs at any time and for any reason in its sole discretion. No individual has a vested right to any benefit under a GE Vernova welfare benefit plan or program. This document does not create a contract of employment with any individual.Required Experience:Staff IC Key Skills Business Development,Classroom Experience,Dayforce,Go,Cloud Computing,AWS,Teaching,Administrative Experience,Leadership Experience,negotiation,SAS,Data Analysis Skills Employment Type : Full-Time Experience: years Vacancy: 1 Monthly Salary Salary: 156100 - 260100