Granite Construction

Cybersecurity Program Manager

Granite Construction$168K — $253K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor’s degree in Computer Science, Information Systems, or a related field required
  • Professional certification in cybersecurity or information security, such as CISSP or CISM
  • 10+ years of progressive cybersecurity management experience
  • 15+ years of hands-on cybersecurity experience
  • Advanced knowledge of IT systems, tools, and infrastructure.

Responsibilities

  • Lead the IT organization in creating a cybersecurity risk profile for the enterprise
  • Oversee cybersecurity controls and risk management across various platforms
  • Implement cybersecurity frameworks and ensure compliance across the organization
  • Align the cybersecurity program with regulatory requirements to mitigate risk
  • Develop and manage incident response plans for effective threat management
  • Create metrics and reports to demonstrate program effectiveness to leadership
  • Manage the cybersecurity budget and advocate for necessary investments.

Benefits

  • Paid holidays and sick leave
  • Comprehensive medical, dental, and vision insurance
  • Flexible spending plans for health and wellness
  • Programs for musculoskeletal and mental health
  • 100% match on 401(k) contributions up to 6% with immediate vesting.
Full Job Description

General Summary

This position leads the company’s cybersecurity program, overseeing security operations and reporting while identifying and addressing risks across the organization. The role prioritizes and drives initiatives to reduce or eliminate cybersecurity threats.

Essential Job Accountabilities

  • Lead the Information Technology (IT) organization in developing a comprehensive cybersecurity risk profile across the enterprise to ensure the company’s IT infrastructure is secure and resilient

  • Oversee cybersecurity controls and risk management practices across cloud platforms, including Microsoft 365, Azure, SaaS applications, identity systems, and hybrid environments, to protect critical systems and data

  • Implement selected cybersecurity frameworks and publish standards to drive consistent practices and ensure enterprise-wide compliance

  • Align the cybersecurity program with regulatory and industry requirements (e.g., FARS/DFARS, NIST CSF & 800-171, CMMC, FedRAMP, CCPA) to maintain compliance and reduce legal and operational risk

  • Partner with IT Delivery and Infrastructure teams to develop and enforce best practices and procedures that strengthen cybersecurity controls and reduce vulnerabilities

  • Prioritize cybersecurity initiatives in collaboration with IT Delivery and Infrastructure teams to ensure timely mitigation of identified risks

  • Develop and manage the incident response plan for cyber events to enable effective, coordinated, and timely responses to security incidents

  • Develop and report metrics, KPIs, and KRIs to IT Steering, executive leadership, and the Board of Directors to demonstrate program effectiveness and secure ongoing support

  • Develop and communicate the cybersecurity roadmap across the enterprise to build awareness, alignment, and sponsorship for key initiatives

  • Lead cybersecurity awareness and training programs to ensure employees understand and can recognize and respond to cyber threats

  • Manage the security operations function to monitor, detect, and respond to vulnerabilities and cyber threats, ensuring timely mitigation and protection of company assets

  • Develop and maintain a third-party cybersecurity risk management program to evaluate and validate vendor security practices and ensure partners meet company standards

  • Manage the cybersecurity budget by allocating resources effectively and advocating for investments needed to address emerging threats and support program priorities

Education

  • Bachelor’s degree in Computer Science, Information Systems, or a related field required

  • Professional certification in cybersecurity or information security, such as CISSP or CISM

Work Experience

  • 10+ years of progressive cybersecurity management experience

  • 15+ years of hands-on cybersecurity experience

Knowledge, Skills, and Abilities

  • Demonstrated expertise in managing cybersecurity and security operations functions

  • Advanced knowledge of the cybersecurity threat landscape, including emerging threats, attack vectors, and mitigation strategies

  • Advanced knowledge of IT systems, tools, and infrastructure, with the ability to stay current on new and evolving technologies

  • In-depth knowledge of cybersecurity solutions and services in the market, including evaluation and selection of vendor offerings

  • Proficiency in cybersecurity frameworks (e.g., NIST, ISO 27001), including implementation and compliance alignment

  • Experience developing and executing cybersecurity roadmaps and budget forecasts, with measurable alignment to business objectives

  • Strong persuasive reasoning and influencing skills, with the ability to drive decision-making across stakeholders

  • Customer-focused mindset, with the ability to deliver responsive, solutions-oriented service to internal and external stakeholders

  • Advanced verbal and written communication skills, including the ability to clearly and concisely present complex technical information to non-technical audiences

  • Ability to operate effectively in dynamic, evolving environments, including influencing and motivating without direct authority

  • Strong analytical and problem-solving skills, with the ability to assess risks and implement effective solutions

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to talk and hear. The employee frequently is required to stand, walk, sit and use hands to operate a computer keyboard. The employee is occasionally required to reach with hands and arms. The employee must occasionally lift and/or move up to 20 pounds. Specific vision abilities required by this job include close vision, and ability to adjust focus. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Additional Requirements/Skills

  • Valid driver's license and ability to drive, with flexibility to travel as required

  • Comply, understand, and support company safety initiatives to ensure a safe work environment

  • Ability and willingness to abide by company code of conduct daily

Our Benefits at a Glance:

Building tomorrow starts with you, and Granite knows that you can excel only if we support you in and out of the workplace.  That is why we offer a broad benefits package that includes paid holidays, sick leave, medical, dental, vision, life insurance, disability insurance, flexible spending plans, as well as special programs for musculoskeletal health, mental wellness, and more.

Salaried employees may choose from two PPO medical plans through Anthem BlueCross, including our most popular plan, for which 100% of the premium is paid by Granite for eligible employees and dependents.  Employees can also opt into a Health Savings Account (HSA) or a Flexible Spending Account (FSA).

 

As part of our investment in your future outside of the workplace, Granite provides a 100% match on the first 6% of eligible compensation that salaried employees defer into their 401(k) plans, which vests immediately.

 

Benefits may vary for positions located outside of the continental United States.

Base Salary Range: 

$168,947.00 - $253,420.00

Pay may vary based upon relevant experience, skills, location, and education among other factors.  ​

About Granite Construction

Granite Construction Inc. is an American company, a member of the S&P 600 Index based in Watsonville, California and is the parent corporation of Granite Construction Company. The company is both a heavy civil construction contractor and construction aggregate manufacturer, owning or leasing quarries in several Western states for extracting mostly sands, gravel, and crushed stone products. Incorporated in 1922 and publicly traded since 1990, Granite Construction Company is composed of a construction materials division, and two construction operating divisions. Under each Group are numerous regional offices, quarries, asphalt and concrete plants. Granite does work in both public and private sector transportation infrastructure projects that include: roads and highways, bridges, dams, water reservoirs, railroads, seaports and airports. The materials division produces construction materials such as sand, gravel, ready-mix and asphalt concrete. In 2021, Granite was ranked 25th on ENR's Top 400 Contractors.
Learn more about Granite Construction
Size
1,900 employees
Market Cap
$1.5 billion
Industry
Net Income
-$101.4 million
Founded
1922
5 Year Trend
+3.7%
Revenue
$3.5 billion
NASDAQ

Similar Jobs

More Jobs at Granite Construction

More Information Technology Jobs

Find similar Cybersecurity Program Manager jobs: