VP, Global Information Security

At H&P, our people are our strength.

Since 1920, H&P has been the industry’s most trusted partner in drilling productivity and reliability.  We continue that legacy with a strategy focused on long-term profitable growth and forward-looking products and services.  H&P’s integrity promise permeates its interactions with shareholders, business partners, employees and the communities in which it operates across the globe.  We are committed to technologies and innovation that serve to unite our goals of customer value and sustainability.

At H&P, our people are our strength. We strive to continually lead with our Core Values that enable employees to develop on their H&P Journey. We believe that doing the right thing means creating a more diverse, equitable, and inclusive workplace that empowers our people to bring their authentic selves to work every day.  Some companies offer career paths. We offer a Journey of a Lifetime. Let's go far, together.

Hear directly from our employees, and leaders about their unique journeys at Helmerich and Payne. 

The VP, Global Information Security will make an impact by providing strategic leadership to ensure H&P meets its strategic objectives safely and securely. This role oversees the maturation of the cybersecurity program globally, including IT and OT environments and plays a crucial role in upholding H&P's core values of safety and continuous improvement, with a commitment to eliminating exposures and achieving incident-free operations, a commitment we take seriously at H&P. As H&P endeavors to meets it’s objectives to grow globally and continue a leadership position of bringing innovative technologies to the industry, this role is key in ensuring we do so safely.

This position calls for a visionary leader with strong business acumen and extensive knowledge of cybersecurity technologies across corporate and operational contexts. The Global Head of Information Security is responsible for establishing and maintaining a robust and relevant cybersecurity program, ensuring that information assets, technology, applications, systems, infrastructure, and processes are adequately protected in the digital ecosystem.

A key element of this role is working with executive management and risk owners to determine acceptable levels of risk for the organization. You will proactively work with business units, operations teams, software teams, and ecosystem partners to implement practices that meet agreed-on policies and standards for cybersecurity. The Global Head of Information Security should understand and articulate the impact of cybersecurity on the business, and be able to communicate this to the board of directors and other senior stakeholders.

The incumbent must be knowledgeable about both internal and external (third party) business partner environments, ensuring that information systems are maintained in a fully functional and secure mode and are compliant with legal, regulatory and contractual obligations. They serve as the process owner for second-line assurance activities, focusing on confidentiality, integrity, and availability of information. Their expertise extends to supporting the organization's safety, privacy, reliability, and resilience requirements, recognizing the importance of securing information assets both within and beyond the organization's perimeter.

The ideal candidate is a thought leader who bridges business and technology, integrating people, processes, and technology. While leading the cybersecurity program, they must coordinate various drivers, constraints, and personalities, maintaining objectivity and a clear understanding that cybersecurity is fundamental to achieving the organization’s business goals and objectives.

Location: Tulsa, OK

Work Type: Hybrid

#LI-Hybrid

• Demonstrate Company Values: Embody H&P's core values: Actively C.A.R.E., Service Attitude, Innovative Spirit, Teamwork, and Do the Right Thing.

• Cybersecurity Leadership - Lead the cybersecurity function to deliver high-quality information security that aligns with organizational priorities and business goals. Develop and execute a comprehensive cybersecurity strategy and operating model in consultation with stakeholders, ensuring alignment with risk management and compliance. Create a clear cybersecurity vision and secure senior stakeholder support. Oversee the cybersecurity budget, manage an effective team including direct and dotted-line reports, and drive staff development, hiring, and performance management. Implement and monitor a strategic cybersecurity program that ensures the confidentiality, integrity, and availability of information assets, addresses non-IT managed services, and empowers teams to make informed decisions within the organization’s risk appetite.

• IT Team Leadership: As a member of a cross functional leadership team, represent IT as a whole and not just your functional area. Be a champion for ensure business and IT success as a spokesperson, business partner and team member for your peers.

• Internal and External Networking: Build internal networks across various departments and external networks with industry peers, vendors, and agencies to address common cybersecurity challenges.

• Industry Representation: As required, represent H&P at key industry forums and meetings such as ONG-ISAC, IADC, and Cybersecurity Insurance.

• Governance and Reporting: Establish and oversee a cybersecurity governance structure, including a steering committee. Provide regular reports on the cybersecurity program’s status to enterprise risk teams, senior leaders, and the board, linking outcomes to business objectives.

• Policy Development: Oversee the creation, approval, and implementation of security policies. Manage vendor and customer cybersecurity requirements, ensuring contracts and compliance align with business goals.

• Training and Awareness: Develop and implement a targeted cybersecurity training program with metrics to gauge effectiveness across different audiences.

• Cross-Disciplinary Coordination: Ensure consistent application of policies across technology projects and related disciplines such as privacy, risk management, and business continuity.

• Risk Management: Advise on cyber risk posture, mandatory controls, and governance structures. Manage the cybersecurity budget and report discrepancies.

• Risk Assessment: Work effectively with business units to facilitate cybersecurity risk assessment and risk management processes and empowers them to make the right decisions that fall within the risk appetite of their organization.

• Framework Adoption: Ensure adherence to best practices and a relevant cybersecurity framework (such as the NIST Cybersecurity Framework), utilizing a risk-based control framework for global compliance while meeting business objectives.

• Policy Management: Maintain and update cybersecurity policies, standards, and guidelines. Facilitate a metrics and reporting framework to assess program effectiveness and resource allocation.

• Incident Management and Resilience: Oversee Manage cybersecurity incidents, monitor external threats, and develop resilience policies and incident response plans. Ensure recovery of business-critical services and manage asset inventories.

• M&A Activities: May lead due diligence and post-integration activities related to information security for mergers and acquisitions.

• Degree in technology-related field, or equivalent work/ education related experience

• 10+ years of relevant experience and track record of competency in the field of cybersecurity and IT or OT security

• Minimum 5 years in a senior leadership role with demonstrated track record of impactful decision making, managing, and guiding teams with significant autonomy, and driving impactful outcomes through strategic judgment and effective leadership.

• Experience successfully executing programs that meet the objectives of excellence in a dynamic business environment.

• Knowledge and understanding of relevant legal and regulatory requirements, such as: Sarbanes Oxley Act (SOX) and Securities and Exchange cybersecurity incident reporting.

• Sound knowledge of business management and a working knowledge of cybersecurity risk management and cybersecurity technologies.

• Up-to-date knowledge of methodologies and trends in both business and IT

• Excellent communication skills, interpersonal and collaborative skills, and the ability to communicate cybersecurity and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.

• Notable experience leading, developing, and expanding global teams and their responsibilities.

• Ability to lead and motivate the cybersecurity team to achieve tactical and strategic goals, even when only "dotted" reporting lines exist.

• Excellent stakeholder management skills.

• Financial/budget management and workforce management.

• Ability to develop and implement security strategies that are aligned with the organization's business goals.

• Ability to travel (domestic and international) to meet with H&P and / or subsidiary employees and leadership, peer groups, industry groups, law enforcement or regulatory bodies, and conferences when appropriate.

• Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials.

What we offer:

At H&P, our commitment to our people is at the forefront, and that includes benefits that provide employees a sense of health and financial security. We know that life continues outside of employment and actively caring of our people is our priority. Comprehensive medical, dental, vision, and life insurance 

• Comprehensive medical, dental, vision, and life insurance 
• Flexible Spending or Health Savings Accounts
• 401k match 
• Paid Leave Plans
• Parental & Adoption Benefits
• Disability Coverage
• Employee Assistance Program 
• Educational Assistance 
• Learning & Development Opportunities
• Flex-scheduling available for qualifying positions to achieve work-life integration.

H&P is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, or disability.

For more information on benefits and job opportunities, please visit Careers | Helmerich & Payne, Inc.

Thank you for your interest in joining our team!

Thank you for your interest in joining our team!