Job Information
Black & Veatch OnSite Cybersecurity Custodian Job Details | Black & Veatch Family of Companies in Phoenix, Arizona
OnSite Cybersecurity Custodian
Date: Apr 24, 2026
Location:
Ann Arbor, MI, US South Jordan, UT, US Orlando, FL, US Houston, TX, US Phoenix, AZ, US Dallas, TX, US Atlanta, GA, US Kansas City, MO, US Tampa, FL, US Jacksonville, FL, US Cary, NC, US Phoenix, AZ, US Austin, TX, US Tualatin, OR, US
Company: Black & Veatch Family of Companies
Together, we own our company, our future, and our shared success.
As an employee-owned company, our people are Black & Veatch. We put them at the center of everything we do and empower them to grow, explore new possibilities and use their diverse talents and perspectives to solve humanity's biggest challenges in an ever-evolving world. With over 100 years of innovation in sustainable infrastructure and our expertise in engineering, procurement, consulting and construction, together we are building a world of difference.
Company : Black & Veatch Corporation
Req Id : 114649
Opportunity Type : Staff
Relocation eligible : Yes
Full time/Part time : Full-Time
Project Only Hire : Yes
Visa Sponsorship Available: No
Why Black & Veatch?
Black & Veatch allows you to lend your talent and perspective to humanity’s biggest challenges in a flexible environment where you are empowered to grow and explore new possibilities. We offer competitive compensation, 401k match and benefits that start day one.
Our hybrid environment allows you to balance your work and personal life. At Black & Veatch, you own your career with purpose and meaning. You are empowered to grow and explore new possibilities at every step of your career journey. Bring your big ideas knowing you are safe to be who you are and speak up with concerns or questions and put your diverse talents and perspectives to use.
The Opportunity
Black & Veatch (BV) is seeking a direct-hire, full-timeon‑siteCybersecurityCustodian to support cybersecurity execution for a newPower Plant project in BeechIsland, South Carolina.Supported andledby BV Senior Cybersecurity Consultants, this individual will be the day-to-day on-sitecustodianfor Operational Technology(OT)/ Industrial Control Systems (ICS)cybersecurity activities, coordinating with EPC, Owner,and vendors to ensure systems are secured, cybersecurityrequirements are met, and all work is documented in a complete, audit-ready evidence package.
This role is perfect for individuals experienced with power plant control systems (DCS/PLC/SCADA/HMI) who are enthusiastic about applying cybersecurity in practical construction and commissioning settings.
The role begins no later than November 2026 to support readiness activities ahead of Distributed Control System (DCS)Factory Acceptance Testing (FAT)in March 2027, includes travel to vendor FAT/CyberFAT(CFAT)locations, andremainson-site through installation, commissioning, and turnover. After completion of the BeechIslandproject, the role is expected to continue as a full-timeICS Cybersecurity Consultantposition supporting B&V’s Infrastructure Advisory (IA)IndustrialCybersecurity team acrossadditionalOT/ICS projects.Thepost-projectrole can be based at the BV office in Columbia,SCor any other BV office location.
Reporting & Teaming
Report operationally to the project leadershipteam,while working closely with B&V cybersecuritystakeholders.
Work closely with theIA ICSCybersecurityteamwhoprovides back-office support including:Project planning and cybersecurity execution roadmap,Standards, templates, and evidence packages,Requirements interpretation and technical guidanceandAction-item tracking support and cadence facilitation
Execute the on-site work, coordinate vendors, and ensure evidence is captured and organized.
Key Responsibilities
Cybersecurity Program Execution & Evidence Ownership
Supported and lead by BV Senior Cybersecurity Consultantsfrom Home Office, manageday-to-day execution of the on-site OT cybersecurityprogram, including tracking requirements, planned actions, and completion statusand report status of activities to BV Senior Cybersecurity Consultantsfor review and approvals
Build andmaintainan organized evidence repository (audit-ready), ensuring deliverables are properly dated, labeled, and attributable.
Maintain logs, checklists, procedures, forms, test results, scan outputs, approvals, andsign-offsasrequired.
CFAT / CyberSiteAcceptanceTesting (CSAT)Support
Support pre-CFAT readiness andparticipatein vendor CFAT activities asrequired(travelrequired).
Validate cybersecurity controls prior to shipment (where applicable), including accounts, logging, backups, malware controls, and baseline configurations.
Track and close cyber-related FAT punch items; ensure retests andfinal evidenceare captured and filed.
Identity, Credential, and Access Control
Verify and document required access controls including MFA for remote access, least privilege, and role-based access models.
Support account management documentation: default credential changes, service account controls, privilege verification, termination/role-change access actions, and secure credential handover processes.
Asset Inventory, Configuration Baselines & Change Tracking
Maintain support for hardware/software inventory requirements (including OS/firmware versions, asset tags, locations, network references).
Track configuration baselines, redlines, and as-built updates throughout construction and commissioning.
Coordinatechangedocumentation andevidence, including post-change backup capture and validation.
Removable Media & Transient Cyber Assets (TCA) Controls
Enforce and document removable media and transient device controls in line with Owner policies and site procedures.
Oversee malware scanning workflows, authorization forms, encrypted media handling, quarantine steps, and scanning evidence retention.
Coordinate vendor site visit preparations (e.g., ensuring vendor laptop/TCA scanning expectations are met).
Monitoring, Logging, and Detection Enablement
Coordinate and document OT log onboarding to Splunk/SIEM, including log sources, retention requirements, andforwardingarchitecture.
Support readiness for NIDS/span port configuration and eventforwardingrequirements.
Validate and document that logging is enabled, time-synchronized, and functioning withoutimpactingsystem performance.
Additional Key Responsibilities
Backup, Recovery, and Resilience
Verify backup procedures are in place for OTassetsand that backups are created after major changes (patching, configuration updates).
Support restorationtesting whererequired; ensure offline backup handling meets custody and storage requirements.
Track encrypted portable hard drives / backup media custody and handover documentation where applicable.
Incident Reporting & Response Support
Maintain cyber escalation contacts and on-site reporting procedures.
Support documentation of cybersecurityevents, policy violations, corrective actions, and evidence of remediation steps.
Coordinate with ICS Cybersecurity and Owner stakeholders for incident-related communications and records.
Training, Workforce Security & Compliance Documentation
Track andmaintainevidence for required cybersecurityawareness training completion.
Support workforce security evidence collection (e.g., authorization logs, background check logs, access revocations).
Conduct periodic verification that access authorizationsremaincurrent and justified.
A successful CybersecurityCustodian will:
Maintain a complete, well-organized cyber evidence repository that maps activities to requirements and stands up to Owner and compliance scrutiny.
Enable smooth FAT/CFAT/commissioning progress byidentifyingcybersecuritygaps early and driving closure without schedule disruption.
Demonstrate strong coordination across vendors, EPC, site teams, and theback-officecyberteam.
Establish consistent cyber processes on-site that improve repeatability and reduce risk.
Backup, Recovery, and Resilience
Verify backup procedures are in place for OTassetsand that backups are created after major changes (patching, configuration updates).
Support restorationtesting whererequired; ensure offline backup handling meets custody and storage requirements.
Track encrypted portable hard drives / backup media custody and handover documentation where applicable.
Incident Reporting & Response Support
Maintain cyber escalation contacts and on-site reporting procedures.
Support documentation of cybersecurityevents, policy violations, corrective actions, and evidence of remediation steps.
Coordinate with ICS Cybersecurity and Owner stakeholders for incident-related communications and records.
Training, Workforce Security & Compliance Documentation
Track andmaintainevidence for required cybersecurityawareness training completion.
Support workforce security evidence collection (e.g., authorization logs, background check logs, access revocations).
Conduct periodic verification that access authorizationsremaincurrent and justified.
A successful CybersecurityCustodian will:
Maintain a complete, well-organized cyber evidence repository that maps activities to requirements and stands up to Owner and compliance scrutiny.
Enable smooth FAT/CFAT/commissioning progress byidentifyingcybersecuritygaps early and driving closure without schedule disruption.
Demonstrate strong coordination across vendors, EPC, site teams, and theback-officecyberteam.
Establish consistent cyber processes on-site that improve repeatability and reduce risk.
Management Responsibilities
Individual Contributor
Preferred Qualifications
3+ years supporting industrial/power generation control systems or OT environments.
Cybersecurity training or certifications (e.g., Security+, GIAC, ISA/IEC 62443, CISSP).
Practical knowledge of OT networking fundamentalssuch as: IP addressing, VLANs,firewallconcepts, routingbasics.
Familiarity with NERC CIP concepts, OT segmentation, MFA, jump hosts, and least-privilege design.
Ability to work on-site in BeechIsland ,SC for 12+ months (typical 5x8 with occasional off-hours during cutovers).
Willingness to travel to vendor facilities for CFAT support. Occasionaltravel forplanning/working sessions may be requested.Eligible to meet badging/background/site access requirements.
Experience with Splunk/SIEM, antivirus/whitelisting, vulnerability scanning, or backup tooling.
Experience supporting FAT/commissioning on large capital projects (power generation or similar).
Strong documentation discipline—ability to produce clear procedures, logs, checklists, and evidence packages.
Experience working with vendors and multi-discipline teams in construction/commissioning environments
Minimum Qualifications
Bachelor’s Degree or relevant work experience.
4+ years experience in a business/consulting environment.
All applicants must be able to complete pre-employment onboarding requirements (if selected) which may include any/all of the following: criminal/civil background check, drug screen, and motor vehicle records search, in compliance with any applicable laws and regulations.
Certifications
Certifications related to area of expertise, where applicable preferred.
Work Environment/Physical Demands
Normal office environment
Competencies
Action oriented
Interpersonal savvy
Customer focus
Salary Plan
CST: Consulting
Job Grade
016
Black & Veatch endeavors to makeaccessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process because of a disability, please contact the Employee Relations Department at +1-913-359-1622 or via our. This contact information is for disability accommodation requests only; you may not use this contact information to inquire about the status of applications. General inquiries about the status of applications will not be returned.
Black & Veatch is committed to being an employer of choice by creating a valuable work experience that keeps our people engaged, productive, safe and healthy.
Our comprehensive benefits portfolio is a key component of this commitment and offers an array of health care benefits including but not limited to medical, dental and vision insurances along with disability and a robust wellness program.
To support a healthy work-life balance, we offer flexible work schedules, paid vacation and holiday time, sick time, and dependent sick time.
A variety of additional benefits are available to our professionals, including a company-matched 401k plan, adoption reimbursement, tuition reimbursement, vendor discounts, an employment referral program, AD&D insurance, pre-taxed accounts, voluntary legal plan and the B&V Credit Union. Professionals may also be eligible for a performance-based bonus program.
We are proud to be a 100 percent ESOP-owned company. As employee-owners, our professionals are empowered to drive not only their personal growth, but the company's long-term achievements - and they share in the financial rewards of the success through stock ownership.
By valuing diverse voices and perspectives, we cultivate an authentically inclusive environment for professionals and are able to provide innovative and effective solutions for clients.
BVH, Inc., its subsidiaries and its affiliated companies, complies with all Equal Employment Opportunity (EEO) laws and regulations. Black & Veatch does not discriminate on the basis of age, race, religion, color, sex, national origin, marital status, genetic information, sexual orientation, gender Identity and expression, disability, veteran status, pregnancy status or other status protected by law.
Notice to External Search Firms : Black & Veatch does not accept unsolicited resumes and will not be obligated to pay a placement fee for unsolicited resumes. Black & Veatch Talent Acquisition engages with search firms directly for hiring needs.
Nearest Major Market: Ann Arbor
Nearest Secondary Market: Detroit
Job Segment: Engineer, Engineering