Cybersecurity Risk Analyst

Chevron is accepting online applications for the position of Cybersecurity Risk Analyst located in Makati City, Philippines.

Chevron invests in its people to build technical and professional competencies through various training opportunities, development programs, mentoring/coaching engagements, and certification courses. All are applied through experiential learning and actual practice while solving real business problems, but in a safe, supportive, and 'fail-fast' environment.

Technology will play a crucial role in unlocking ever cleaner and more affordable sources of energy. Chevron is seeking innovative, technology professionals with a desire to thrive in the global digital environment and help us lead the global energy transition. An IT career at Chevron offers you the opportunity to work in a technical environment with a global reach. We differentiate ourselves through the application of cutting-edge technology and by taking a collaborative approach that includes in-house expertise, proprietary solutions, and strategic partnerships. We also offer flexible work schedules and very competitive benefits.

Join Chevron IT.Grow your skills with us and enjoy a great career with Chevron.

The Cybersecurity Risk Analyst position is responsible for assessing risks, analyzing cyber threats, and assisting in preventing cyber-attacks before they occur. They provide guidance on tools to measure and manage risk, identify/mitigate threats, and protect against unauthorized disclosure of confidential information. The Cybersecurity Risk Analyst's duties include assessing the adequacy of security strategies, adherence to security guardrails, and calculating the impact of adverse events or threats. Ideal candidates will assist in ensuring effective execution of cybersecurity strategies and our risk management framework by managing relationships with key stakeholders, verifying that IT risks are appropriately mitigated, as well as providing periodic updates on the state of compliance.

As a Cybersecurity Risk Analyst, you will:

• Advise leadership on cybersecurity initiatives that support the latest trends in IT & OT security, risk, and controls.

• Maintain cybersecurity documentation including Business Continuity and Disaster Recovery Plans.

• Facilitate risk assessment exercises, perform compliance and risk monitoring/validation, and other compliance assurance exercises as required.

• Lead awareness and training for the information technology risk program elements to ensure responsibilities are understood and executed.

• Coordinate external and internal assurance or advisory audits, representing information technology throughout the lifecycle of the audit (from planning through remediation strategy).

• Monitor, track, and report mitigation and resolution of IT risks.

• Facilitate compliance of all equipment utilized in the Process Control Network (PCN)/Operational Technology (OT) and Demilitarized Zone (DMZ), including timely remediation of critical vulnerabilities.

• Support and integrate IT standards into the PCN environment.

  Serve as site representative for internal and external cyber initiatives.

• Serve as Process Advisor for the Operations Technology Incident Response Process (OTIRP).

Requirements:

• Bachelor's degree in Computer Science, Cyber Security, Information Technology, or a similar technical degree.

• Minimum of 5 years of related work experience in Information Technology field.

• Knowledge of and experience with Industry Policies, Standards and Controls (e.g., NIST 800-53, ISO 27001, COBIT, ITIL, SOX, PCI-DSS, SANS, etc.).

• Understanding of key technology/data concepts such as access control, confidential data, encryption, data privacy, information management, intellectual property, business continuity, disaster recovery, security scans, and third party/vendor applications.

• Functional knowledge in systems architecture for both IT and OT systems. Experience with OT, ICS, PCN systems, including PCN infrastructure a plus.

• Certifications: Desired but not required - Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC).

Preferred Qualifications:

• A self-starter that demonstrates "One Team" behaviors and demonstrated knowledge of effective influencing tactics and strategies.

• Highly organized with ability to prioritize and multi-task, as well as able to thrive in a fast-paced environment.

• Ability to impact decisions, influence and motivate teams, and work with a variety of disciplines, cultures, and environments.

• Communicates in a clear, concise, understandable manner both orally and in writing.

• Ability to explain detailed IT concepts and solutions in business terms and make complex materials clear and engaging.

• Utilizes qualitative and quantitative risk analysis best practices to provide a clear decision-making framework for managing information risk.

Working with us

There are two Chevron companies operating in the Philippines: Chevron Holdings Incorporated (CHI) and Chevron Philippines Incorporated (CPI).

CHI is a shared services center providing transactional, processing, and consulting services in the areas of finance and accounting, information technology, supply chain management, human resources, downstream customer service and marketing. Established in 1998, CHI serves Chevron affiliates in six continents around the world. Over the years, it has grown to be one of the leading members of the shared services industry in the Philippines.

CHI has received various recognitions as a top employer: the 2022 Diversity Company of the Year; 2021 Asia's Best Employer Brand Award; 2021 Global Best Employer Brand Award; 2020 HR Asia Best Companies to Work for in Asia; 2019 Circle of Excellence, Top Employer Category at Asia CEO Awards, and the 2018 Wellness Company of the Year at the same Asia CEO Awards.

CPI markets the Caltex brand of top-quality fuels, lubricants, and petroleum products through a network of service stations, terminals and sales offices.

At Chevron, we are committed to fostering diversity and inclusion at all levels of our company and at all stages of the employee experience. We constantly strive to attract, develop, and retain diverse Filipino talent. Globally, Chevron Corporation has achieved a rating of 100 percent in the Human Rights Campaign Equality Index for the past 17 years. The Index ranks American companies based on their commitment to equality in the workplace.

Benefits

• Competitive salary

• Allowances, medical and optical reimbursements

• Health care coverage for you and your eligible dependents

• Robust employee centred programs for health and wellness

• Time-off to promote healthy work-life balance or to care for your family

• Annual corporate incentive bonus when the company meets established goals

• Recognition & awards program

• Long-term savings plan

• Life insurance

• Career development opportunities to all employees through onboarding, training and development, mentoring, volunteering opportunities and employee networking groups

• Hybrid work model - work remotely from home several days a week

Connect with us:

Facebook

Instagram

LinkedIn

Twitter

YouTube Chevron

YouTube Caltex