• Lead key product cyber security programs from inception through completion, ensuring alignment with key stakeholders, business priorities, regulatory requirements, and product roadmaps. • Assess current product security posture against applicable regulatory requirements, identify gaps, and develop structured remediation plans and roadmaps. • Lead the effort to achieve and/or maintain standards-based certification for the product security program and/or specific Wind products. • Manage audit preparation activities, including coordination with internal auditors and third-party certification bodies, evidence collection, and providing responses to findings. • Support and/or drive the development, maintenance, and usage of internal tools for product security, such as the product asset inventory, vulnerability management automation. • Design, develop, and support OT/ICS cybersecurity solutions for wind farm, such as SIEM detection rules, endpoint protection (EDR/AV/application whitelisting), and network segmentation, based on customer requests, regulatory requirements, and commercial strategy. • Design, develop, and implement cyber security solutions and controls, collaborating with cross functional teams, that address identified risks, vulnerabilities, and gaps across Wind’s products, systems, and processes. • Lead root cause analysis efforts for security vulnerabilities and non-conformities, delivering findings and actionable recommendations. • Support incident response activities related to product security vulnerabilities.

• Lead cybersecurity due diligence for acquisitions, divestitures, carve-outs, joint ventures, minority investments, and other strategic transactions across GE Vernova’s global portfolio. • Serve as a primary cybersecurity lead across the transaction lifecycle, from early-stage diligence and pre-sign assessments through closing, Day 1 readiness, and 30/60/100-day execution. • Represent the Cyber function holistically in M&A activities, while assessing risks and ensuring alignment with GE Vernova cybersecurity standards, controls, playbooks, and strategic priorities. • Lead cyber diligence activities aligned to recognized frameworks and standards, including NIST CSF, NIST SP 800-53, NIST SP 800-171, and NIST SP 800-82, while applying GE Vernova cybersecurity practices and expectations. • Quantify cyber risk and remediation requirements and translate findings into business terms, including transaction risk, remediation investment, Day 1 requirements, TSA needs, and post-close priorities. • Drive Day 1 cybersecurity readiness, including minimum control requirements, risk-based exceptions, interim safeguards, and stabilization planning. • Build and execute 30/60/100-day cybersecurity integration or separation plans and support long-term roadmap development. • Develop and maintain repeatable playbooks, templates, and standards for cyber diligence, integration, separation, and post-close execution. • Lead safe, practical strategies for OT/ICS integration and separation, including segmentation, cyber resilience, and operational continuity considerations. • Establish secure data-sharing, clean-room, and transaction confidentiality protocols in partnership with Legal, Privacy, and other stakeholders. • Partner closely with Digital Technology M&A/PMO, Business Development, Legal, Privacy, Finance, Insurance, Sourcing, business leaders, and cybersecurity teams across GE Vernova. • Lead and manage external cybersecurity advisors and service providers supporting diligence, testing, regulatory advisory, and execution activities. • Prepare executive-ready cyber risk summaries, decision materials, and recommendations for senior stakeholders. • Track and report key performance indicators related to diligence quality, execution speed, Day 1 readiness, TSA reduction, and post-close remediation progress. • Help define and advance AI use cases for cybersecurity M&A, including opportunities to improve diligence efficiency, risk analysis, control mapping, remediation prioritization, and integration planning, in alignment with GE Vernova governance and responsible AI requirements.

• As an experienced Cyber Security Content Developer, you excel at designing and maintaining content for seemingly complicated topics such as SIEM, UEBA, SOAR, data ingestion, enrichment, and incident response concepts for a wide-ranging audience and course duration. • Using the best instructional design techniques resulting in engaging and quality self-paced, micro-learning content. • As a Cyber Security hero, you connect with internal employees, customers, and partners to understand their challenges. • You also have a passion for sharing real-world solutions to these challenges. • C urating a list of sources of information that keep you up to date on the latest cyber industry news, brainstorming creative solutions to solve problems. • Lead the maintenance and design of infrastructure and tooling to facilitate self-paced content and deliver the best instructor-led training (ILT) possible, constantly looking for ways to optimize the trainee’s experience. • Cultivating relationships with internal teams such as Product Management, Engineering, Support, and Sales to provide more effective means of collaboration and help achieve shared goals.

Meet the Team Cisco ThousandEyes is a Digital Assurance platform that empowers organizations to deliver flawless digital experiences across every network - even the ones they don't own. Powered by AI and an unmatched set of cloud, internet and enterprise network telemetry data, ThousandEyes enables IT teams to proactively detect, diagnose, and remediate issues - before they impact end- user experiences. ThousandEyes is deeply integrated across the entire Cisco technology portfolio and beyond, helping customers deploy at scale while also delivering AI-powered assurance insights within Cisco's leading Networking, Security, Collaboration, and Observability portfolios. Your Impact As a Technical Program Manager focused on Vulnerability Management, you will play a critical role in strengthening the organization's security posture while driving operational excellence across complex, large-scale programs. You'll lead end-to-end vulnerability management efforts-from detection to remediation-while partnering with engineering, security, and product teams across Cisco to ensure risks are addressed efficiently and at scale. This role is exciting because it sits at the intersection of security, automation, and cross-functional leadership, giving you the opportunity to influence both technical strategy and organizational resilience. - Lead and manage complex, cross-functional programs aligned with organizational and security priorities. - Own and evolve the Organization wide Vulnerability Management Program (VMP) across Cross functional teams driving both strategic direction and execution. - Develop and optimize automated workflows and tools to streamline the vulnerability lifecycle, including detection, triage, assignment, and reporting. - Drive measurable improvements in vulnerability remediation of SLAs, MTTR, and program adoption across engineering teams. - Partner with engineering, security, SRE/Ops, and product teams to prioritize remediation efforts and ensure successful, secure releases. - Enhance visibility through dashboards, reporting, and post-mortems while driving continuous improvement initiatives across processes and tooling. Minimum Qualifications - 5+ years of experience in Technical Program Management, Engineering Program Management, or a similar role in a cloud/SaaS environment. - Hands-on experience managing Vulnerability Management Programs, including tracking and driving remediation across distributed systems. - Experience with security and compliance frameworks such as FedRAMP, NIST, ISO 27001, or SOC 2 - Demonstrated experience building and scaling automated vulnerability management workflows in fast paced complex cloud environments, spanning intake, triage, prioritization, remediation tracking, and reporting. Preferred Qualifications - Bachelor's or master's degree in computer science, Engineering, or a related technical field. - Experience supporting security audits or compliance initiatives in regulated environments - Familiarity with security tooling such as vulnerability scanners, ticketing systems, CI/CD pipelines, and asset inventory platforms. - Strong analytical skills with the ability to interpret vulnerability data and drive data-informed decisions. - Experience working with Agile methodologies (Scrum/Kanban) in fast-paced environments. - Ability to influence cross-functional stakeholders and drive alignment across engineering, security, and product teams. Why Cisco? At Cisco, we're revolutionizing how data and infrastructure connect and protect organizations in the AI era - and beyond. We've been innovating fearlessly for 40 years to create solutions that power how humans and technology work together across the physical and digital worlds. These solutions provide customers with unparalleled security, visibility, and insights across the entire digital footprint. Fueled by the depth and breadth of our technology, we experiment and create meaningful solutions. Add to that our worldwide network of doers and experts, and you'll see that the opportunities to grow and build are limitless. We work as a team, collaborating with empathy to make really big things happen on a global scale. Because our solutions are everywhere, our impact is everywhere. We are Cisco, and our power starts with you.