Cybersecurity M&A Lead
External
Ge Vernova · Boston, MAPrepare for this interview
EliteAI-generated questions, company research, and talking points tailored to this role
About the role
Job Description Summary GE Vernova is seeking a Cybersecurity M&A Lead to execute cybersecurity due diligence and post-close execution across a global portfolio of mergers, acquisitions, divestitures, carve-outs, joint ventures, minority investments, and other strategic transactions. This is a highly visible senior role responsible for representing cybersecurity across the full deal lifecycle-shaping strategy, identifying and quantifying risk, guiding Day 1 readiness, and driving integration and separation plans across both enterprise IT and OT/ICS environments. The ideal candidate brings deep technical expertise across core cyber domains and can translate complex technical findings into business impact, transaction implications, and executive decision support. This leader will work across GE Vernova businesses and functions to ensure transactions align with enterprise cybersecurity practices, standards, and risk expectations. The role also requires forward-thinking leadership in the use of AI-enabled capabilities to improve cybersecurity M&A processes, risk insights, and execution speed. Success in this role requires strong judgment, technical depth, executive communication skills, and the ability to operate with urgency and flexibility in a fast-moving deal environment. Job Description Essential Responsibilities - Lead cybersecurity due diligence for acquisitions, divestitures, carve-outs, joint ventures, minority investments, and other strategic transactions across GE Vernova's global portfolio. - Serve as a primary cybersecurity lead across the transaction lifecycle, from early-stage diligence and pre-sign assessments through closing, Day 1 readiness, and 30/60/100-day execution. - Represent the Cyber function holistically in M&A activities, while assessing risks and ensuring alignment with GE Vernova cybersecurity standards, controls, playbooks, and strategic priorities, including: - Identity and access management (IAM) - Network security, segmentation, and zero trust - Cloud security - Application and infrastructure security - Endpoint security and EDR - Data protection and governance - Logging, monitoring, and security operations - Vulnerability and exposure management - Third-party cyber risk - Incident response - Business continuity and disaster recovery - OT/ICS cybersecurity and operational resilience - Lead cyber diligence activities aligned to recognized frameworks and standards, including NIST CSF, NIST SP 800-53, NIST SP 800-171, and NIST SP 800-82, while applying GE Vernova cybersecurity practices and expectations. - Quantify cyber risk and remediation requirements and translate findings into business terms, including transaction risk, remediation investment, Day 1 requirements, TSA needs, and post-close priorities. - Drive Day 1 cybersecurity readiness, including minimum control requirements, risk-based exceptions, interim safeguards, and stabilization planning. - Build and execute 30/60/100-day cybersecurity integration or separation plans and support long-term roadmap development. - Develop and maintain repeatable playbooks, templates, and standards for cyber diligence, integration, separation, and post-close execution. - Lead safe, practical strategies for OT/ICS integration and separation, including segmentation, cyber resilience, and operational continuity considerations. - Establish secure data-sharing, clean-room, and transaction confidentiality protocols in partnership with Legal, Privacy, and other stakeholders. - Partner closely with Digital Technology M&A/PMO, Business Development, Legal, Privacy, Finance, Insurance, Sourcing, business leaders, and cybersecurity teams across GE Vernova. - Lead and manage external cybersecurity advisors and service providers supporting diligence, testing, regulatory advisory, and execution activities. - Prepare executive-ready cyber risk summaries, decision materials, and recommendations for senior stakeholders. - Track and report key performance indicators related to diligence quality, execution speed, Day 1 readiness, TSA reduction, and post-close remediation progress. - Help define and advance AI use cases for cybersecurity M&A, including opportunities to improve diligence efficiency, risk analysis, control mapping, remediation prioritization, and integration planning, in alignment with GE Vernova governance and responsible AI requirements. Required Qualifications - Bachelor's degree in Cybersecurity, Computer Science, Engineering, Information Systems, or a related field from an accredited university or college, or equivalent experience. - Significant cybersecurity experience, including leadership in M&A cybersecurity due diligence, integration, separation, or transaction-related cyber risk management. - Strong technical depth across multiple cybersecurity domains in both enterprise IT as well as OT/ICS environment segmentation. - Experience applying cybersecurity frameworks and standards such as NIST CSF,