Lead IT Cybersecurity Engineer

Total Number of Openings

About the position:

The Lead IT Cybersecurity Engineer is responsible for the technical design of IT cybersecurity architectural guidelines and standards, as well as the secure implementation of IT digital technologies across platforms and product lines in Chevron. The primary responsibility is to assure IT solutions are "secure by design", with a high focus on delivering secure digital capabilities and retiring legacy technology when possible.

Key Responsibilities:

Responsibilities include but are not limited to:
• Enable digital transformation by ensuring secure-by-design principles are incorporated in the IT digital capabilities across the enterprise
• Establish cybersecurity governance for IT technologies across all technology functions
• Lead security research proposals and proofs of concept for emerging technologies
• Consult as a subject matter expert on cybersecurity risk assessments for IT technologies
• Define cybersecurity architectures for IT solutions
• Serve as a subject matter expert in one or more cybersecurity domains, including, but not limited to, Network Security, Cloud Security, Endpoint Security, Application Security, Data Security, and Identity and Access Management

Required Qualifications:

• Minimum 5 years related work experience in cybersecurity with increasing levels of responsibility
• Technical experience in one or more cybersecurity domains, including, but are not limited to, Network Security, Cloud Security, Endpoint Security, Application Security, Data Security, and Identity and Access Management
• General understanding of the cyber threat landscape, including cyber-criminal and cyber-espionage threats
• Previous experience administering cybersecurity technologies and/or supporting cybersecurity operations

Preferred Education:

• Bachelor’s degree or master’s degree in Cybersecurity, Information Technology, Information Systems, or Computer Science
• Certifications in IT Cybersecurity are highly preferred (e.g., GISP, GREM, ISSEP, OSCP or other similar certification)
• Certifications in SAFe Scaled Agile or related scrum/agile project management framework is desirable
 
Preferred Qualifications:

• Knowledge of industry-accepted cyber security frameworks such as NIST 800-53, MITRE ATT&CK, and the Cyber Kill Chain
• Experience in conducting and/or leading cybersecurity assessments (risk, vulnerability) and creating a detailed mitigation plan and recommendations to address gaps identified
• Ability to influence and motivate teams, and work with a variety of disciplines, cultures, and environments
• Demonstrated ability to work effectively, and communicate effectively at all levels with operations, design, projects, vendors, peers, etc
• Communicates in a clear, concise, understandable manner both orally and in writing

Chevron ENGINE supports global operations, supporting business requirements across the world. Accordingly, the work hours for employees will be aligned to support business requirements. The standard work week will be Monday to Friday. Working hours are 8:00am to 5:00pm or 1.30pm to 10.30pm.

Chevron participates in E-Verify in certain locations as required by law.