Roles and Responsibilities
- Lead digital technology security shared service offering on mergers, acquisitions, divestitures, and joint ventures (M&A) due diligence, including assessing risk posture of organizations under consideration, transaction execution, including all integration and separation activities, and digital technology security Transition Service Agreement (TSA) management, including TSA exit strategies and timing.
- Develop M&A security strategic plans and roadmaps that are aligned to business strategies and requirements.
- Develop new M&A playbooks based on company security standards, procedures, and best-practices including account management, tenant management, information/IP protection management, proxy server management, security ingress/egress management, domain trusts posture, SSL/IPsec, security incident and event management (SIEM), data protection (DLP, encryption), and password/key management, vulnerability/threat assessment,
- Collaborate with security team members to develop all M&A security requirements for all hardware and software computing platforms, environments and solutions including modifying, where required, existing policies, procedures and best practices to address M&A business strategies and requirements
- Coordinate with cross functional teams to ensure architectural solutions effectively fulfill M&A business needs
- Collaborate with security team, business units, and corporate M&A teams on tailoring security requirements to align to individual M&A transaction specific requirements.
- Coordinate security team members to conduct M&A security analysis of platforms and environments using security playbooks.
- Provide guidance and hands-on experience to M&A project teams in design, development, and maintenance of M&A security solutions and processes that are both risk appropriate and risk prioritize.
- Assess SSAE 16, SOC 1 and/or SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls" and suggest remediation controls
- Communicate with management, senior leaders, teams and technical personnel on a continuous basis
- Bachelor's degree from an accredited university or college.
- Minimum of 5 additional years of experience in Security.
- 10 years overall technology experience
- 2 years in a technical or functional lead role
- Hands on experience in M&A activities
- Hands on experience in drafting, modifying, reviewing, or managing technical Transition Service Agreements
- Strong working knowledge of IT service management (e.g., ITIL-related disciplines)
- Strong working knowledge of OT security and how it aligns and differs from Enterprise IT Security.
- Understanding of industry security standards, guidelines and regulatory/compliance requirements related to information security and cloud computing such as ISO 27001, NIST 800-53, IEC/ISA 62443, SOC2, PCI, SOX, etc.
- One of the following Certification(s) is required: CISM, CISSP, ITIL
- Strong oral and written communication skills.
- Ability to document, plan, market, and execute programs. Established project management skills.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one
- Strong interpersonal and leadership skills, with an emphasis on the ability to effectively influence others
- A team-focused mentality with the proven ability to work effectively with diverse stakeholders with divers requirements and priorities
- An ability to communicate complex and technical issues to diverse audiences, orally and in writing, in an easily-understood, authoritative, and actionable manner
- Demonstated ability to analyze and resolve problems.
- Demonstrated ability to lead programs / projects.
Baker Hughes Company is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.