Ot Cybersecurity Engineer

Chevron is accepting online applications for the position ofOT Cybersecurity Engineerlocated inMakati City, PhilippinesthroughOctober 2,2024at11:59 p.m. PH Time.

Join our Team

Chevron's strategy is straight-forward: be a leader in efficient and lower carbon production of traditional energy, in high demand today and for decades to come, while growing lower carbon businesses that will be a bigger part of the future. To achieve these goals, we'll build on the assets, experience, capabilities, and relationships we've developed over 140 years to incubate and grow new business.

Technology will play a crucial role in unlocking ever cleaner and more affordable sources of energy. Chevron is seeking innovative, technology professionals with a desire to thrive in the global digital environment and help us lead the global energy transition. An IT career at Chevron offers you the opportunity to work in a technical environment with a global reach. You'll find that we make a business of investing in our people and encouraging your professional development through a learning culture and challenging on-the-job opportunities. Wedifferentiate ourselvesthrough the application of cutting-edge technology, and by taking a collaborative approach that includes in-house expertise, proprietary solutions, and strategic partnerships. We also offer flexible work schedules and very competitive benefits.

Join Chevron IT. Lend us your skills and enjoy a great career with Chevron.

The OT Cyber Engineering and Innovation teamis responsible forthe strategic direction OT/ICS cybersecurity in Chevron. OT Cybersecurity Engineers support activities such as secure-by-design, standardized network architectures, and the secure implementation of OT/ICS digital technologies across Chevron.

OT Cyber Engineers are cybersecurity influencers functioning at the Chevron Enterprise level, reaching broadly across all platforms, all IT Foundational Platform product lines, select Digital Platforms, and OT/ICS Business Unit teams. These engineers have a grasp of business breadth, along with technical depth to help stakeholders make quality cybersecurity investment decisions.

This role positivelyimpactsglobal security practices, in various operating assets and environments, delivering on the Chevron cybersecurity integrated risk management strategy.

As an OT Cybersecurity Engineer you will:
Lead OT cybersecurity, and secure by design assessments including detailed design reviews, system and component descriptions, identification and selection of evaluation criteria, network topology reviews, mapping of data flows to ports, protocols, and services tables

Contribute to the creation of OT/ICS cybersecurity guardrails to ensure all OT architectures, solutions and technologies across the Chevron enterprise are built using a secure-by-design methodology

Contribute to the design and review of secure OT/ICS network architectures and data flows including communication between applications, ports, protocols, and services

Lead cybersecurity risk assessments for Chevron's Business Unit OT/ICS designs/installations and/or emerging technology OT solutions to determine criticality rankings and risk gaps

Safely support vulnerability scanning of OT/ICS including the qualified use of common scanning technologies and practices of new technologies

Provide recommendations and plans to mitigate identified issues from OT/ICS cybersecurity and risk assessments, ICS Vulnerability assessments, and OT Pen tests

Influence stakeholders at an enterprise level on OT Cyber initiatives.

Provide subject matter leadership in cybersecurity infrastructure during cyber incidents, response, and remediation.

The Role:
Contribute to developing strategic OT/ICS Cybersecurity initiatives, technology projects and security programs across the Chevron Enterprise globally

Contribute to the design and review of secure OT/ICS network architectures and data flows including communication between applications, ports, protocols, and services

Contribute to the creation of OT/ICS cybersecurity guardrails to ensure all OT architectures, solutions and technologies across the Chevron enterprise are built using a secure-by-design methodology

Set cybersecurity expectations with governance boards, responsible for decision authority on policies, architecture, internal standards, guardrails, and initiatives for OT Cybersecurity

Utilize industry standards and frameworks (e.g., NIST-800-53/82, ISA/IEC-62443, MITRE ATT&CK / D3FEND), to identify capabilities and technologies to provide enhanced cyber defenses in diverse scenarios

Develop OT security research project proposals for consideration by external energy industry organizations or internal research portfolios. Research, test, and/or lead proof-of-concepts for new and emerging OT technologies

Lead cybersecurity risk assessments for Chevron's Business Unit OT/ICS designs/installations and/or emerging technology OT solutions to determine criticality rankings and risk gaps

Lead OT cybersecurity assessments including detailed design reviews, system and component descriptions, identification and selection of evaluation criteria, network topology reviews, mapping of data flows to ports, protocols, and services tables

Safely support vulnerability scanning of OT/ICS including the qualified use of common scanning technologies and practices of new technologies

Provide recommendations and plans to mitigate identified issues from OT/ICS cybersecurity and risk assessments, ICS Vulnerability assessments, and OT Pen tests

Lead or participate in industry standard committees, customer advisory councils, and/or technology joint industry projects (JIPs) for OT/ICS environments

Influence stakeholders at an enterprise level on OT Cyber initiatives.

Provide subject matter leadership in cybersecurity infrastructure during cyber incidents, response, and remediation.

Take a technical leadership role in the internal OT Cybersecurity Guild, for knowledge transfer and mentoring, and actively participate, contribute, and present to other OT/ICS Cybersecurity forums/conferences (both internal and external).

Some travel (up to 20%) may be required.

Requirements:

Education
Bachelor's degree or master's degree in Information Technology, Computer Science, Engineering, or related STEM field is preferred, but not required.

Cybersecurity certification such as the CISSP, CISA, GICSP, or ISA Secure, is preferred, but not required.

Experience
At least 5 years of relevant experience with IT/OT/ICS systems architecture, OT/ICS infrastructure, OT network security, OT cloud security, applications, and databases

"Hands-On" experience with network security capabilities and technologies for OT/ICS systems, and ability to design secure network architectures and implement solutions for cybersecurity technologies utilizing a secure by design methodologies for OT/ICS systems

Familiar with the application of NIST SP 800-53/82 and IEC62443 standards to OT systems and its' risk-based application in an OT/ICS environment

Experience in conducting and/or leading cybersecurity assessments (risk, vulnerability) and creating a detailed mitigation plan and recommendations to address gaps identified

Experience in performing OT/ICS vulnerability scans, passively and actively with technologies such as Tenable Nessus or NMAP scanning tools

Experience with selecting, designing, architecting, and deploying security technologies to an OT/ICS environment

Demonstrated OT Cybersecurity project experience including leading the development of security architectures (programs) and secure network architectures (systems).

Skills
Demonstrated understanding of OT/ICS critical infrastructure in energy or similar industries including and understanding of threats, vulnerabilities, attack paths and exploits in an OT/ICS environment.

Proficiency in OT/ICS secure network design and building network architecture drawings.

Demonstrated ability to influence others, work effectively, and communicate effectively at all levels with operations, design, projects, vendors, peers, etc.

Demonstrated ability to provide leadership behaviours across enterprise through rigorous change management and compliance processes, while driving efficiencies.

Knowledge of techniques and tools that promote effective analysis and the ability to determine root cause and resolution of problem.

Communicates in a clear, concise, understandable manner both orally and in writing.

Hands on use of cybersecurity technologies such as network mapping and vulnerability scanning in OT/ICS environments preferred, but not required.

Familiarity with Cloud and OT/ICS integration is preferred, but not required.

Working with us

There are two Chevron companies operating in the Philippines: Chevron Holdings Incorporated (CHI) and Chevron Philippines Incorporated (CPI).

CHI is a shared services center providing transactional, processing, and consulting services in the areas of finance and accounting, information technology, supply chain management, human resources, downstream customer service and marketing. Established in 1998, CHI serves Chevron affiliates in six continents around the world. Over the years, it has grown to be one of the leading members of the shared services industry in the Philippines.

CHI has received various recognitions as a top employer:the 2022 Diversity Company of the Year;the 2021 Asia's Best Employer Brand Award; 2021 Global Best Employer Brand Award; 2020 HR Asia Best Companies to Work for in Asia; 2019 Circle of Excellence, Top Employer Category at Asia CEO Awards and the 2018 Wellness Company of the Year at the same Asia CEO Awards.

CPI markets the Caltex brand of top-quality fuels, lubricants and petroleum products through a network of service stations, terminals and sales offices.

At Chevron, we are committed to fostering diversity and inclusion at all levels of our company and at all stages of the employee experience. We constantly strive to attract, develop and retain diverse Filipino talent. Globally, Chevron Corporation has achieved a rating of 100 percent in the Human Rights Campaign Equality Index for the past 17 years. The Index ranks American companies based on their commitment to lesbian, gay, bisexual and transgender equality in the workplace.

Benefits
Competitive salary

Allowances, medical and optical reimbursements

Health care coverage for you and your eligible dependents

Robust employee centred programs for health and wellness

Time-off to promote healthy work-life balance or to care for your family

Annual corporate incentive bonus when the company meets established goals

Recognition & awards program

Long-term savings plan

Life insurance

Career development opportunities to all employees through onboarding, training and development, mentoring, volunteering opportunities and employee networking groups

Hybrid work model - work remotely from home several days a week

Connect with us

Facebook
Instagram
LinkedIn
Twitter
YouTube Chevron
YouTube Caltex

Chevron participates in E-Verify in certain locations as required by law.