Chevron
Website:
chevron.com
Job details:
Key Responsibilities
- Contribute to OT/IACS Cybersecurity initiatives, technology projects and security programs for one or more digital platform
- Contribute to the design and review of secure IACS/OT network architectures and data flows including communication between applications, ports, protocols, and services
- Contribute to the creation of OT/IACS cybersecurity guardrails and IT engineering standards to ensure OT architectures, solutions and technologies across the Chevron enterprise are built using a secure-by-design methodology
- Utilize industry standards and frameworks (e.g., NIST-800-53/82, IEC-62443, MITRE ATT&CK / D3FEND), to identify capabilities and technologies to provide enhanced cyber defenses in diverse scenarios
Required Qualifications
- Preferred Required education / degrees
Bachelor’s degree or master’s degree in Information Technology, Computer Science, Engineering, or related STEM field is preferred, but not required.
- Preferred qualifications / certifications
Certifications in Industrial Control Systems Cybersecurity or in IT Cybersecurity are highly preferred (e.g., GISCP, GCIP, CISSP, or other similar certification)
- Vendor-specific training on Operational Technology, IACS equipment manufacturers and internal network systems are highly preferred.
- Certifications in SAFe Scaled Agile or related scrum/agile project management framework is desirable.
- Required work experience
- Minimum 2 years related work experience in Operational Technology/Industrial Controls Systems Cybersecurity field with increasing levels of responsibility.
- “Hands-On” experience with OT/IACS critical infrastructure in energy or similar industries preferred.
Preferred Qualifications
- Other preferred skills / competencies
- Experience in utilizing frameworks and standards such as NIST-800-53/82 and IEC-62443 in an IACS environment
- Experience with Industrial Internet of Things (IIoT), optimization, “Big data” analytics, OT integration and/or SCADA from the Cloud is preferred.
- Experience in conducting and/or leading cybersecurity assessments (risk, vulnerability) and creating a detailed mitigation plan and recommendations to address gaps identified
- Demonstrated OT Cybersecurity project experience including leading the development of security architectures (programs) and secure network architectures (systems).
- Experience in performing OT/IACS vulnerability scans, passively and actively with technologies such as Tenable Nessus or NMAP scanning tools.
- Understanding of threats, vulnerabilities, attack paths and exploits in an OT/IACS environment
- Experience with selecting, designing, architecting, and deploying security technologies to an OT/IACS environment
- Ability to influence and motivate teams, and work with a variety of disciplines, cultures, and environments.
- Demonstrated ability to work effectively, and communicate effectively at all levels with operations, design, projects, vendors, peers, etc.
- Demonstrated ability to provide leadership behaviors across enterprise through rigorous change management and compliance processes, while driving efficiencies.
- Knowledge of techniques and tools that promote effective analysis and the ability to determine root cause and resolution of problems.
- Communicates in a clear, concise, understandable manner both orally and in writing.
Click on Apply to know more.