Company: Chevron
Industry:- Private
Employment Type:- Full-time
Work Hours:- 8 Hours
Locations:- USA
Full Job Description:
Chevron’s strategy is straightforward: be a leader in efficient and lower carbon production of traditional energy, in high demand today and for decades to come, while growing lower carbon businesses that will be a bigger part of the future. To achieve these goals, we’ll build on the assets, experience, capabilities, and relationships we’ve developed over 140 years to incubate and grow new businesses.
Technology will play a crucial role in unlocking ever cleaner and more affordable sources of energy. Chevron is seeking innovative, technology professionals with a desire to thrive in the global digital environment and help us lead the global energy transition. An IT career at Chevron offers you the opportunity to work in a technical environment with a global reach. You’ll find that we make a business of investing in our people and encouraging your professional development through a learning culture and challenging on-the-job opportunities. We differentiate ourselves through the application of cutting-edge technology, and by taking a collaborative approach that includes in-house expertise, proprietary solutions, and strategic partnerships. We also offer flexible work schedules and very competitive benefits.
Join Chevron IT. Lend us your skills and enjoy a great career with Chevron.
The OT Cyber Engineering and Innovation team is responsible for the strategic direction of OT/ICS cybersecurity in Chevron. OT Cybersecurity Engineers support activities such as secure-by-design, standardized network architectures, and the secure implementation of OT/ICS digital technologies across Chevron.
OT Cyber Engineers are cybersecurity influencers functioning at the Chevron Enterprise level, reaching broadly across all platforms, all IT Foundational Platform product lines, select Digital Platforms, and OT/ICS Business Unit teams. These engineers have a grasp of business breadth, along with technical depth to help stakeholders make quality cybersecurity investment decisions.
This role positively impacts global security practices, in various operating assets and environments, delivering on the Chevron cybersecurity integrated risk management strategy.
The Role
- Contribute to developing strategic OT/ICS Cybersecurity initiatives, technology projects, and security programs across the Chevron Enterprise globally
- Contribute to the design and review of secure ICS/OT network architectures and data flows including communication between applications, ports, protocols, and services
- Contribute to the creation of OT/ICS cybersecurity guardrails to ensure all OT architectures, solutions, and technologies across the Chevron enterprise are built using a secure-by-design methodology
- Set cybersecurity expectations with governance boards, responsible for decision authority on policies, architecture, internal standards, guardrails, and initiatives for OT Cybersecurity
- Utilize industry standards and frameworks (e.g., NIST-800-53/82, ISA/IEC-62443, MITRE ATT&CK / D3FEND), to identify capabilities and technologies to provide enhanced cyber defenses in diverse scenarios
- Develop OT security research project proposals for consideration by external energy industry organizations or internal research portfolios. Research, test, and/or lead proof-of-concepts for new and emerging OT technologies
- Lead cybersecurity risk assessments for Chevron’s Business Unit ICS/PCN designs/installations and/or emerging technology OT solutions to determine criticality rankings and risk gaps
- Lead OT cybersecurity assessments including detailed design reviews, system and component descriptions, identification and selection of evaluation criteria, network topology reviews, mapping of data flows to ports, protocols, and services tables
- Safely support vulnerability scanning of OT/ICS including the qualified use of common scanning technologies and practices of new technologies
- Provide recommendations and plans to mitigate identified issues from OT/ICS cybersecurity and risk assessments, ICS Vulnerability assessments, and OT Pen tests
- Lead or participate in industry standard committees, customer advisory councils, and/or technology joint industry projects (JIPs) for OT/ICS environments
- Influence stakeholders at an enterprise level on OT Cyber initiatives.
- Provide subject matter leadership in cybersecurity infrastructure during cyber incidents, response, and remediation.
- Take a technical leadership role in the internal OT Cybersecurity Guild, for knowledge transfer and mentoring, and actively participate, contribute, and present to other OT/ICS Cybersecurity forums/conferences (both internal and external).
- Some travel (up to 20%) may be required.
As a Senior OT Cybersecurity Engineer, you will:
Other Jobs You May Be Interested In
- Walmart Work From Home (No Experience, No Degree)
- Walmart Online Jobs For (13,14,15) Year Old’s
- Walmart Data Entry Jobs For Online Clients
- Walmart Remote Jobs That Pay $30 To $40 An Hour
- Member Support Representative
- Rotating Equipment Reliability Analyst
- Infrastructure Full Time (Previous Intern)
- Quality Management Machinery Analyst / SME
- Loss Prevention Representative (LPR)
- Ordinary Seaman
- Financial Integrity Analyst
- 2023-2024 Oronite Oak Point Financial Analyst
- Biodiesel Operator
- Legal Analyst, Compliance
- Counsel/Senior Counsel
- Business Development Associate
- Online Office Manager
- Trade Compliance Advisor
- Client Service Manager – Work From Home
- Commercial Fuels Account Manager
- Member Of The Technical Staff – Energy Systems Analysis
- Editorial Analyst – Originals
- Writing Jobs For Teens
- Part-Time Remote Customer Support Specialist At Apple Inc
- Remote Data Entry Jobs For College Students
- Library Assistant (Teens Division)
- House Cleaner Job For Teens
- Dog Walker (Job For Teens)
- Part-Time Nanny
- Wayfair Work From Home (No Experience, No Degree)
- Wayfair Online Jobs For (13,14,15) Year Olds
- Wayfair Data Entry Jobs For Online Clients
- Wayfair Remote Jobs That Pay $30 To $40 An Hour
- Disney Work From Home (No Experience, No Degree)
- Disney Online Jobs For (13,14,15) Year Old’s
- Disney Data Entry Jobs For Online Clients
- Disney Remote Jobs That Pay $30 To $40 An Hour
- Google Work From Home (No Experience, No Degree)
- Google Online Jobs For (13,14,15) Year Old’s
- Google Data Entry Jobs For Online Clients
- Google Remote Jobs That Pay $30 To $40 An Hour
- American Express Work From Home (No Experience, No Degree)
- American Express Online Jobs For (13,14,15) Year Old’s
- American Express Data Entry Jobs For Online Clients
- American Express Remote Jobs That Pay $30 To $40 An Hour
- Lead OT cybersecurity, and secure by design assessments including detailed design reviews, system and component descriptions, identification and selection of evaluation criteria, network topology reviews, mapping of data flows to ports, protocols, and services tables
- Contribute to the creation of OT/ICS cybersecurity guardrails to ensure all OT architectures, solutions, and technologies across the Chevron enterprise are built using a secure-by-design methodology
- Contribute to the design and review of secure ICS/OT network architectures and data flows including communication between applications, ports, protocols, and services
- Lead cybersecurity risk assessments for Chevron’s Business Unit ICS/PCN designs/installations and/or emerging technology OT solutions to determine criticality rankings and risk gaps
- Safely support vulnerability scanning of OT/ICS including the qualified use of common scanning technologies and practices of new technologies
- Provide recommendations and plans to mitigate identified issues from OT/ICS cybersecurity and risk assessments, ICS Vulnerability assessments, and OT Pen tests
- Influence stakeholders at an enterprise level on OT Cyber initiatives.
- Provide subject matter leadership in cybersecurity infrastructure during cyber incidents, response, and remediation.
Requirements
Experience
- Minimum 5 years related work experience in Operational Technology/Industrial Controls Systems Cybersecurity field with increasing levels of responsibility.
- “Hands-On” experience with OT/ICS critical infrastructure in energy or similar industries preferred.
- Experience in utilizing frameworks and standards such as NIST SP 800-53/82 and IEC-62443 in an ICS environment
- Experience in conducting and/or leading cybersecurity assessments (risk, vulnerability) and creating a detailed mitigation plan and recommendations to address gaps identified
- Experience in performing OT/ICS vulnerability scans, passively and actively with technologies such as Tenable Nessus or NMAP scanning tools.
- Experience with selecting, designing, architecting, and deploying security technologies to an OT/ICS environment
- Demonstrated OT Cybersecurity project experience including leading the development of security architectures (programs) and secure network architectures (systems).
Skills
- Demonstrated understanding of OT/ICS critical infrastructure in energy or similar industries including an understanding of threats, vulnerabilities, attack paths, and exploits in an OT/ICS environment.
- Proficiency in OT/ICS network design and building network architecture drawings.
- Demonstrated ability to influence others, work effectively, and communicate effectively at all levels with operations, design, projects, vendors, peers, etc.
- Demonstrated ability to provide leadership behaviors across enterprise through rigorous change management and compliance processes, while driving efficiencies.
- Knowledge of techniques and tools that promote effective analysis and the ability to determine the root cause and resolution of problems.
- Communicates in a clear, concise, understandable manner both orally and in writing.
- HHands-on use of cybersecurity technologies such as network mapping and vulnerability scanning in OT/ICS environments is referred, to but not required.
- Familiarity with Cloud and OT/ICS integration is preferred, but not required.
Education
- A bachelor’s degree or master’s degree in information technology, Computer Science, Engineering, or a related STEM field is preferred, but not required.
- Cybersecurity certification such as the CISSP, CISA, GICSP, or ISA Secure, is preferred, but not required.
