GE Aerospace · 7 hours ago
Principal Risk Advisor
GE Aerospace is a leading company in the aerospace sector, seeking a Principal Risk Advisor to lead cybersecurity and data privacy risk management across various strategic transactions. The role involves coordinating risk assessments, translating technical findings into business insights, and contributing to the development of risk management standards and practices.
Aerospace · Commercial · Manufacturing
Responsibilities
Lead cybersecurity and data privacy risk scoping and planning for mergers, acquisitions, divestitures, joint ventures, and other strategic transactions
Coordinate MA&D cybersecurity and privacy readiness assessments with external providers, including but not limited to maturity assessments, compromise assessments, software composition analysis, application security testing (SAST/DAST), Office 365 security reviews, network security assessments, red team exercises, executive background research, and integration support
Review and synthesize provider assessment outputs, translating technical findings into clear, business-focused risk summaries that highlight significant business impacts, likelihood and severity, and prioritization of remediation activities
Develop and present structured recommendations to support deal decisions, including risk acceptance, mitigation strategies, deal term adjustments, and conditions for close (e.g., remediation milestones and required controls)
Partner with Corporate Development, Cybersecurity, Privacy, Legal, IT, and business leaders to integrate cybersecurity and privacy risk considerations into deal evaluation, negotiation, and integration planning
Coordinate Day 1 cyber readiness activities and support the design and implementation of future-state cyber operating models for acquired or divested entities, ensuring alignment with enterprise security standards and control frameworks
Convert assessment findings into actionable remediation plans with clear owners, timelines, and tracking mechanisms; monitor progress, escalate delays or critical risks, and provide options and trade-offs to stakeholders
Contribute to the development, maintenance, and continuous improvement of MA&D risk management standards, procedures, and playbooks, ensuring alignment with enterprise cybersecurity and privacy policies and standard control frameworks (such as NIST, CIS, ISACA, or ISO)
Collaborate with security awareness and training program owners to ensure MA&D-related requirements, patterns, and lessons learned are incorporated into training, guidance, and communications for key stakeholder groups
Oversee the repository of MA&D projects, assessments, risks, and compliance issues in the governance, risk, and compliance (GRC) tool, working with operations and GRC teams to ensure workflows are in place to trigger security reviews based on data risk ratings and to track findings through remediation and closure
Manage MA&D-related cybersecurity and privacy policy exceptions, ensuring that exceptions are documented, approved, monitored, and reviewed or closed prior to expiration; ensure that automated alerts are issued to the SOC or relevant teams as needed
Support high-risk third-party risk assessments and onboarding/offboarding activities, applying MA&D-style rigor for critical suppliers or engagements as bandwidth permits
Contribute to the design and implementation of third-party risk operating model enhancements, ensuring alignment between MA&D risk practices and enterprise TPRM processes, standards, and risk scoring approaches
Develop and track key performance indicators (KPIs) for MA&D risk activities (such as volume of deals assessed, assessment cycle time, number and severity of findings, and remediation cycle time), and contribute MA&D-related insights to broader TPRM and cybersecurity reporting
Qualification
Required
Bachelor's degree from an accredited university or college with a minimum of 10 years of professional experience OR Associate's degree with a minimum of 13 years of professional experience OR High School Diploma with a minimum of 15 years of professional experience
Minimum 7 years of professional experience in Risk Management
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job
Preferred
Experience in cybersecurity, data privacy, and third-party risk management disciplines as relevant to the following: Lead cross-functional teams and MA&D-focused workstreams, leveraging strong influencing skills to guide risk-based decision-making across deal teams, corporate functions, and external providers
Demonstrate strong experience in cybersecurity and data privacy risk assessment, compliance, and regulatory standards, with the ability to interpret assessment outputs (e.g., SAST/DAST, SCA, red team, network assessments, O365 security reviews) and convert them into actionable business risk insights
Provide subject matter expertise within the MA&D cyber and privacy risk domain, ensuring alignment with secure supply chain and third-party risk best practices, emerging regulations, and organizational requirements
Exhibit strong analytical and strategic problem-solving abilities, using data and structured thinking to assess complex risk scenarios, develop pragmatic remediation plans, and define metrics for monitoring risk and performance
Act as a change agent for MA&D risk management, contributing to improvements in standards, processes, and tools, while demonstrating comfort in ambiguity and the ability to make informed, balanced decisions under time pressure
Foster collaboration and communication across Corporate Development, Cybersecurity, Privacy, Legal, IT, business teams, and external partners, establishing trust and credibility while continuously seeking opportunities to improve MA&D and third-party risk processes and solutions
Benefits
Healthcare benefits include medical, dental, vision, and prescription drug coverage
Access to a Health Coach from GE Aerospace
The Employee Assistance Program, which provides 24/7 confidential assessment, counseling and referral services
The GE Aerospace Retirement Savings Plan
A 401(k) savings plan with company matching contributions and company retirement contributions
Access to Fidelity resources and planning consultants
Tuition assistance
Adoption assistance
Paid parental leave
Disability insurance
Life insurance
Paid time-off for vacation or illness
Company
GE Aerospace
GE Aerospace is a provider of jet and turboprop engines, as well as integrated systems.
Funding
Current Stage: Public Company
Total Funding: $2.01B
Key Investors: JobsOhio, US Department of Energy, Air Force Research Laboratory
2025-07-22 · Post-IPO Debt · $2B
2025-01-10 · Grant · $9M
2024-04-02 · IPO
Company data provided by crunchbase