Title:
Sr. Director, Chief Information Security Officer (CISO)
KBR — Delivering Solutions, Changing the World.
KBR is a global leader in delivering technology‑driven, mission‑critical, and sustainable solutions that truly matter. For over a century, we have powered bold missions across defense, space, industry, and government through our two core business lines: Mission Technology Solutions and Sustainable Technology Solutions. With nearly 38,000 talented people operating in more than 80 countries, we thrive on a culture built on safety, integrity, and teamwork. At KBR, we empower our people to solve the world’s toughest challenges and create lasting value for communities and the planet. We don’t just deliver results—we deliver game‑changing solutions, innovative technology, deep domain expertise, and cutting‑edge capabilities.
KBR is seeking a Senior Director, Chief Information Security Officer, to provide enterprise leadership for corporate cybersecurity and information protection. This role is responsible for defining and executing KBR’s global corporate information security strategy, safeguarding corporate systems, data, intellectual property, and digital platforms while enabling secure business growth and transformation.
This position focuses on corporate IT and shared services environments, including cloud platforms, SaaS applications, enterprise systems, and workforce technologies. The role operates as a trusted advisor to executive leadership, partnering across functionally to manage cyber risk and strengthen enterprise resilience.
The role may be based in the Middle East, United Kingdom or United States and includes periodic global travel.
Roles & Responsibilities
Define, lead, and execute KBR’s information security strategy, operating model, and multi‑year roadmap aligned with enterprise objectives
Serve as the enterprise authority on cyber risk, threat posture, and resilience, advising executive leadership on risk‑based decision making
Establish and maintain corporate information security policies, standards, and governance aligned to frameworks such as NIST CSF, ISO 27001, SOX ITGCs, GDPR, Australia and UK data protection requirements
Oversee enterprise-wide risk management and compliance, conduct regular risk and information security assessments to identify security vulnerabilities and threats, both internal and external. Develop and implement risk mitigation strategies and security controls to reduce and manage identified risks. Monitor compliance with applicable laws, regulations, and contractual obligations related to information security.
Lead incident response and breach management, including executive communications, regulatory coordination, and post‑incident remediation
Partner with IT and Digital teams to embed secure‑by‑design practices into cloud adoption, enterprise applications (ERP, HRIS, CRM), data platforms, and automation initiatives
Oversee third‑party and supplier cyber risk management for vendors and technology partners
Support enterprise initiatives including M&A, divestitures, and system integrations from a cybersecurity and risk perspective
Build, lead, and develop a high‑performing global information security organization
Drive enterprise‑wide security awareness, training, and accountability to strengthen KBR’s cyber culture
Collaborate across regions and functions in alignment with KBR’s team of teams operating model
Basic Qualifications:
Bachelor’s degree in computer science, Information Security, Engineering, or a related field
15+ years of progressive experience in information security, IT risk, or technology leadership
10+ years leading enterprise or cybersecurity programs in a global organization
Proven experience securing IT environments, including cloud, SaaS, identity, and enterprise applications
Proven executive communication skills with the ability to translate technical risk into business impact
Ability and willingness to travel internationally as required (approximately 10–20%)
Professional certifications such as CISSP, CISM, or CRISC
Preferred Qualifications:
Master’s degree or MBA
Experience supporting public company environments, including SOX and internal audit collaboration
Experience leading information protection initiatives and building security culture in an international organization.
Cloud security expertise (AWS, Azure, or similar platforms)
Prior experience supporting large‑scale digital transformation or enterprise modernization initiatives
Demonstrated success operating within a matrixed, multinational organization
Effective leadership presence with the ability to influence
KBR Benefits
KBR offers a selection of competitive lifestyle benefits which could include 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending accounts, disability coverage, paid time off, and flexible work schedules. We support career advancement through professional training and leadership development.
Click here to learn more: KBR Benefits
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward, being a People First company. That commitment is central to our team of team's philosophy and fosters an environment where everyone can Belong, Connect and Grow.
We Deliver – Together.
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward being a People First company. That commitment is central to our team of team’s philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
