Role Description Summary: As a Cybersecurity Risk Analyst supporting Merger and Acquisition integrations and Divestments, you'll be instrumental in developing and maintaining cybersecurity strategies, policies, and risk management processes. Your expertise will ensure the effective security of operations within Chevron, focusing on the integration of IT or OT systems.
Role Description: The Cybersecurity Risk Analyst is tasked with assessing risks, analyzing cyber threats, and preventing cyber-attacks during the integration of IT or OT systems. You'll provide guidance on risk management measures, threat identification, and mitigation strategies while protecting confidential information. Your responsibilities include tracking remediation activities, coordinating audits, and ensuring compliance with cybersecurity standards. This role involves collaboration with key stakeholders to develop integration plans, update cybersecurity documentation, and incorporate best practices into integration playbooks.
Responsibilities:
Track portfolio of cybersecurity integrations and divestments, identifying areas of concern for leadership awareness.
Develop cybersecurity decision support packages to provide recommendations for integration or divestiture activities.
Coordinate assurance audits, representing information technology throughout the audit lifecycle.
Develop and update cybersecurity integration and divestment playbooks based on best practices.
Address cybersecurity gaps in pre-integrated environments through prioritization and tracking of remediation activities.
Serve as cyber integration representative for internal and external cyber initiatives.
Required Qualifications/Skills:
3-5 years of related work experience in Information Technology.
Knowledge of industry policies, standards, and controls (e.g., NIST 800-53, ISO 27001).
Strong understanding of technology/data concepts such as access control, encryption, and data privacy.
Certifications desired: CISSP, CISM, CISA, CRISC, or other cybersecurity certifications.
Preferred Qualifications/Skills:
Demonstrated "One Team" behaviors and effective influencing tactics.
Highly organized with the ability to prioritize and multitask in a fast-paced environment.
Strong communication skills, both oral and written, with the ability to explain complex IT concepts clearly.
Utilizes risk analysis best practices to provide a clear decision-making framework for managing information risk.
Education:
Associate or Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or similar technical degree. Relevant experience will be considered.