Advisor IT ICS Cyber Security

Oxy is an international energy company with assets primarily in the United States, the Middle East and North Africa. We are one of the largest oil and gas producers in the U.S., including a leading producer in the Permian and DJ basins, and offshore Gulf of Mexico. Our midstream and marketing segment provides flow assurance and maximizes the value of our oil and gas. Our chemical subsidiary OxyChem manufactures the building blocks for life-enhancing products. Our Oxy Low Carbon Ventures subsidiary is advancing leading-edge technologies and business solutions that economically grow our business while reducing emissions. We are committed to using our global leadership in carbon management to advance a lower-carbon world. Visit oxy.com for more information.

Occidental strives to attract and retain talented employees by investing in their professional development and providing rewarding opportunities for personal growth. Our goal is to meet the highest employer standards by ensuring the health and safety of our employees, protecting the environment and positively impacting our communities where we do business.

We are looking for an experienced and motivated individual to fill the position of IT Advisor within our IT ICS Cyber Security group based in Houston, TX.

This position will be part of Occidental Petroleum’s Industrial Control Systems (ICS) Security Team responsible for the implementation and maintenance of systems protecting and improving the security posture for Oxy ICS environment. The position will work closely with internal and external resources to contribute the development, implementation, and compliance of security policies and procedures for the ICS environment. The responsibilities include assessment of network topologies and environments to ensure the ICS/OT environment remains compliant and work with other teams to track/remediate deficiencies.

Desired Skills:

• Moderate level understanding of IT-OT convergence, Purdue Model, IDMZ concepts, network technologies, systems, and concepts.
• General understanding of Cyber security frameworks and standards such as NIST CSF, CIS, and MITRE ATT&CK
• General knowledge of industrial communication protocols and technologies from main vendors.
• Knowledge and experience of anomaly detection tools in the ICS/OT environment with the emphasis on correlation of data and remediation of any misconfigurations.
• Knowledge of OT asset & vulnerability management. Work with OT asset owners to remediate asset or vulnerability issues.
• Familiarity with OT monitoring technologies with some traffic analysis experience: Wireshark PCAPs, Intrusion Detection Systems (IDS).
• Experience with responding to security related incidents, incident response, conducting tabletop exercises.
• Experience with analyzing system, application, security, network logging data from a SIEM to create actionable work tasks for a SOC, IT security analysts, or other IT staff.
• Ability to effectively communicate technical information to a non-technical audience.
• Experience in supporting or troubleshooting industrial protocols such as OPC, Modbus TCP, HART etc. is a plus.

Desired Qualifications:

• Bachelor’s degree in information technology, Computer Science, Computer Engineering, or related field
• 5 or more years of experience in the IT/OT security field with hands-on experience and
• Knowledge of ICS / SCADA System Security (design, controls)
• IT certifications are desirable such as GISCP, CISSP, CEH, Cisco CCENT/CCNA
• Knowledge of the Oil and Gas industry and ICS environments Excellent project management,
• Organizational, time management, and interpersonal skills.
• Ability to work with sensitive and confidential information while maintaining the highest level of confidentiality, professionalism, and ethics.

Relocation will not be provided.

Occidental Petroleum Corporation does not offer sponsorship of employment-based nonimmigrant visa petitions for this role.

Recruitment Fraud

It has come to our attention various individuals and/or organizations are contacting people falsely pretending to recruit on behalf of Oxy. Please be aware that these recruiting scams and communications do not originate nor are they associated with our recruitment process.

Oxy does not charge a fee at any stage of the recruiting process. We will never:

• Ask you to pay for applications, interviews, meetings, processing, training or for any other fees

• Use recruiting or placement agencies that charge candidates an advance fee of any kind or

• Request personal information such as passport and bank account details at an early stage of our recruitment process.

All qualified applicants will receive consideration for employment without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.