Deputy CISO, Cyber Security
1 month ago
The Deputy CISO, Cyber Security is a senior leader within the Phillips 66 CISO team. The position leads the strategic planning, development, and execution of enterprise-wide cybersecurity initiatives through a technical lens in a fast-paced, global, and innovative business environment. The Deputy CISO possesses exceptional leadership skills, creating credible connections with internal and external stakeholders, and cultivating a robust cyber ecosystem. The Deputy CISO reports to the CISO, assuming their role when necessary, and will play a crucial part in driving transformational improvements in cybersecurity processes and capabilities. In tandem with a broad understanding of cyber risk sources, reference frameworks, and mitigation strategies, this role requires the ability to think strategically, act decisively, and prioritize cyber investments to deliver risk outcomes that reduce the likelihood and impact of a cyber incident. Through education, influence, and data, the Deputy CISO embeds cyber risk management into business operations, supporting infrastructures and processes, new product launches, M&A activity, and portfolio cyber advisory.
Responsibilities May Include:
- Collaborate in the creation of the overall cybersecurity strategy, roadmap, and standards, leading the areas within the cybersecurity governance domain.
- Implement and manage the security policies and controls for both IT and OT systems, including SCADA systems, and ensure the interdependencies and zone boundaries are well-defined and secured.
- Establish, maintain, and report upon cyber key performance indicators that provide visibility into the operation of key elements of the Phillips 66 cyber security program.
- Deploy new security technologies and enhancements to existing security technologies and use data-driven business case processes to strengthen enterprise cyber resilience.
- Leverage security tools, independent third parties, internal audit, and cyber staff to identify security vulnerabilities and take actions to reduce Phillips 66's exposure to harm from external and internal threats, including insider risk.
- Understand the evolving threat landscape and adapt the security governance program to effectively understand, mitigate, and report upon cyber risk in an everchanging environment.
- Partner with State and Federal agencies (DHS, TSA, FBI, ISACs, etc.) to share relevant actionable cyber threat information, cyber policies, and practices, and to coordinate response to incidents.
- Test and evaluate the effectiveness of the cybersecurity incident response plan and conduct annual exercises with the security team and relevant stakeholders.
- Demonstrate strong understanding of administrative, physical, and technical controls used to govern, identify, protect, detect, respond, and recover from cyber threats and attacks.
- Administer OPEX and CAPEX security budget and oversee budget planning and forecasting.
- Build and manage staff, including performance management, career development, recruitment, retention succession planning, and workload balance.
Required Qualifications:
- Legally authorized to work in the job posting country
- Bachelor's degree
- 8 or more years of experience in IT security
- 8 or more years of progressive leadership experience
- Security certifications: CISSP, CISA or CISM
- Experience managing advanced, complex cyber security incidents across Information Technology (IT) and Operational Technology (OT) environments
- Knowledge of cyber security frameworks such as NIST CSF and MITRE ATT&CK
- Ability to obtain federal security clearance
Preferred Qualifications:
- Bachelor's Degree or higher in Information Systems, Computer Science or related technical discipline
- Experience in CISO or Deputy CISO
- Certified Cloud Security Professional or equivalent
- Cyber security experience in the energy industry
- 8 or more years of experience in IT security within the oil and gas industry
- Solid knowledge of various security technologies, to include firewalls, intrusion detection/prevention systems, endpoint protection, and security information and event management (SIEM) tools
- Proficiency in network security concepts, to include network segmentation, VPN (Virtual Private Network) configurations, and secure network architecture
- Experience with cloud security, to include understanding cloud architecture, identity and access management (IAM), and encryption in cloud environments
- Knowledge of secure coding practices, application vulnerabilities, and secure software development lifecycles (SDLC)
- Understanding how to identify, assess, and remediate vulnerabilities in both IT and OT systems
- Familiarity with ICS security, such as Modbus, SCADA, and PLC security
- Understanding of how to establish and maintain secure configurations for devices, servers, and network equipment. This includes hardening systems, managing access controls, and enforcing security policies
- Understanding various encryption methods and their application in securing data at rest and in transit
- Familiar with integrating security into the DevOps pipeline, to include secure code reviews, continuous security testing, and container security
- Strong knowledge of SCADA, Distributed Control Systems (DCS), and process control networks is essential for securing critical infrastructure
- Excellent written and verbal communication and presentation skills to bolster cyber acumen and advocacy across diverse stakeholders, including senior executives, end users, and board members
- Excellent interpersonal, relationship building and influencing skills
- Demonstrated success to building positive working relationships gaining support for the cybersecurity strategy and initiatives
- Understanding of cybersecurity program planning and sequencing, including governance, risk management, architecture, technology onboarding, vulnerability management, awareness and training, and cyber third-party risk management; Experience in the development, implementation, and monitoring of supporting processes
- Innovative thinking and leadership with a keen ability to influence and motivate cross-functional interdisciplinary teams
- Ability to anticipate technological developments and develop or enhance existing capabilities, policies, and procedures to protect the best interest of the organization
- Ability to adapt to a fast-moving cyber security landscape and keep pace with latest thinking and new security technologies
- Digital leadership skills-capable of empowering and leading a cyber security team to meet business and cyber security goals
- Analytical mind capable of managing numerous information sources and providing data analysis reports to senior management
Total Rewards
At Phillips 66, providing access to high quality programs and care for you and your family is important to us. Maintaining a culture of well-being - physical, emotional, social, and financial - is essential for a high-performing organization. When we are at our best, we are poised to deliver exceptional results - personally and professionally. Benefits for certain eligible, full-time employees include:
- Annual Variable Cash Incentive Program (VCIP) bonus
- 8% 401k company match
- Cash Balance Account pension
- Medical, Dental, and Vision benefits with an annual company contribution to a Health Savings Account for employees on HDHP
- Total well-being programs and incentives, including Employee Assistance Plan, well-being reimbursement, and backup family care services
Learn more about Phillips 66 Total Rewards .
Phillips 66 has more than 140 years of experience in providing the energy that enables people to dream bigger and go farther, faster. We are committed to improving lives, and that is our promise to our employees and our communities. We are sustained by the backgrounds and experiences of our diverse teams, which reflect who we are, the environment we create and how we work together. We have been recognized by the Human Rights Campaign, U.S. Department of Labor and the Military Times for our continued commitment to inclusive practices and policies in the hiring and retention of those in the LGBTQ+ community and military veterans. Our company is built on values of safety, honor and commitment. We call our cultural mindset Our Energy in Action, which we define through four simple, intuitive behaviors: We work for the greater good, create an environment of trust, seek different perspectives and achieve excellence.
Learn more about Phillips 66 and how we are working to meet the world's energy needs today and tomorrow, by visiting phillips66.com.
To be considered
In order to be considered for this position you must complete the entire application process, which includes answering all prescreening questions and providing your eSignature on or before the requisition closing date of 6/04/2024 .
Candidates for regular U.S. positions must be a U.S. citizen or national, or an alien admitted as permanent resident, refugee, asylee or temporary resident under 8 U.S.C. 1160(a) or 1255(a)(1). Individuals with temporary visas such as E, F-1, H-1, H-2, L, B, J, or TN or who need sponsorship for work authorization now or in the future, are not eligible for hire.
Phillips 66 is an EEO and Affirmative Action Employer of Women/Minorities/Veterans/Individuals with Disabilities
Nearest Major Market: Houston
We have other current jobs related to this field that you can find below
-
Deputy CISO, Cyber Security
3 weeks ago
Houston, United States Phillips 66 Full time. Phillips 66 & YOU - Together we can fuel the future The Deputy CISO, Cyber Security is a senior leader within the Phillips 66 CISO team. The position leads the strategic planning, development, and execution of enterprise-wide cybersecurity initiatives through a technical lens in a fast-paced, global, and innovative business environment. The Deputy...
-
Deputy CISO, Cyber Security
2 weeks ago
Houston, Texas, United States Phillips 66 Full timeCollaborate in the creation of the overall cybersecurity strategy, roadmap, and standards, leading the areas within the cybersecurity governance domain. Implement and manage the security policies and controls for both IT and OT systems, including SCA Security, Deputy, Cloud Architect, Network Architect, Cybersecurity, Management
-
Organizational Change Management- Cyber Security
4 weeks ago
Houston, United States InterSources Full timeOrganizational change management support for large OT security transformation with experience as Cybersecurity lead (e.g.,CISO) for energy companies with human risk & security architecture background. REQUIRED SKILLS 1. CYBER THREAT MANAGEMENT AND COUNTERMEASURES 2. CYBER RISK STRATEGY, FRAMEWORK AND PROCESS 3. ADOPTION STRATEGY 4. COMMUNICATIONS 5. CULTURE...
-
Organizational Change Management- Cyber Security
2 weeks ago
Houston, Texas, United States InterSources Full timeOrganizational change management support for large OT security transformation with experience as Cybersecurity lead (e.g.,CISO) for energy companies with human risk & security architecture background. REQUIRED SKILLSCYBER THREAT MANAGEMENT AND COUNTERMEASURES CYBER RISK STRATEGY, FRAMEWORK AND PROCESS ADOPTION STRATEGY COMMUNICATIONS CULTURE ASSESSMENT...
-
Information Security Officer
2 weeks ago
Houston, Texas, United States Recruiting Source International Full timePosition Description:I nformation Security Officer Houston, TX Description of Duties / Essential Functions Under the general direction of the client company Chief Information Security Officer (CISO), duties, functions and responsibilities of this position include: Develop and implement department specific Cybersecurity Master Plan aligned with the company...
-
Security Analyst
2 weeks ago
Houston, United States Alliant Group Full timealliantgroup, LP is currently experiencing explosive growth! As a national consulting firm focused on being the voice to the middle market, our mission is simple: Strengthening American businesses. How do we do this? We hire the brightest talent with the most diverse backgrounds who are passionate about making a difference. It's fun to work in a company...
-
Cyber Security Engineer
4 weeks ago
Houston, United States MindFore Full timeJob DescriptionJob DescriptionJob Title: Cyber Security Engineer Location: Houston, TXDuration: 12+ MonthsJob Description: Information Security Consulting Services - Candidates should have verifiable training and experience in the following areas including, but not limited to, technical security assessments, enterprise risk and compliance assessments,...
-
Cyber Security Analyst
4 weeks ago
Houston, United States OMW Consulting Full timeCyber Security Analyst - Threat Intelligence Houston - Hybrid 3 days on site $120k-$125kI am working with a leading Cyber Security consultancy who is looking to add a Threat Intelligence Analyst to their commercial client based in Houston, TX.To be considered for this position you will need the following experience: Computer related degree - Ideally Cyber...
-
Cyber Security Analyst
4 weeks ago
Houston, United States OMW Consulting Full timeCyber Security Analyst - Threat Intelligence Houston - Hybrid 3 days on site $120k-$125kI am working with a leading Cyber Security consultancy who is looking to add a Threat Intelligence Analyst to their commercial client based in Houston, TX.To be considered for this position you will need the following experience: Computer related degree - Ideally Cyber...
-
Cyber Security Analyst
4 weeks ago
Houston, United States Saxon Global Full timeGC, USC Title: Cyber Security Analyst Position Type: 12 months Contract Location: Remote, United States Rate: $75/HR on our C2C Company: Booz Allen Hamilton, Inc./Department of Veterans Affairs Required Education Level: Bachelor Required Degree: computer science, electronics engineering or other engineering or technical discipline is required. ...
-
Cyber Security Expert
1 week ago
Houston, United States Wärtsilä Full time**Cyber Security Expert**: Wärtsilä is an innovative technology company known for being a forerunner in the Marine and Energy markets. Every day, we - Wärtsiliän’s - put our hearts and minds into turning Wärtsilä's purpose of enabling sustainable societies with smart technology, and our Smart Marine and Energy visions into reality. Our ultimate aim...
-
Cyber Security Analyst
2 weeks ago
Houston, United States FIRST SERVICE CREDIT UNION Full timeJob DescriptionJob DescriptionAddress: 16430 Park Ten Place, Houston, Texas 77084Role:As a Cyber Security Analyst, you will safeguard our organization's digital assets and infrastructure from cyber threats. Your responsibilities will include monitoring potential vulnerabilities or breaches, analyzing security incidents, and developing strategies to...
-
Cyber Security Engineer
4 weeks ago
Houston, United States PTS Advance Full timeOur client is one of the largest publicly traded partnerships and leading North American provider of midstream energy, services to producers and consumers of natural gas, NGL's, crude oil, refined products and petrochemicals.Responsibilities:Development and maintenance of standards, specifications, details, procedures and documentation improvements for...
-
Cyber Security Engineer
4 weeks ago
Houston, United States PTS Advance Full timeOur client is one of the largest publicly traded partnerships and leading North American provider of midstream energy, services to producers and consumers of natural gas, NGL's, crude oil, refined products and petrochemicals.Responsibilities:Development and maintenance of standards, specifications, details, procedures and documentation improvements for...
-
Cyber Security Analyst
2 weeks ago
Houston, United States FIRST SERVICE CREDIT UNION Full time**Role**: As a Cyber Security Analyst, you will safeguard our organization's digital assets and infrastructure from cyber threats. Your responsibilities will include monitoring potential vulnerabilities or breaches, analyzing security incidents, and developing strategies to mitigate risks. You will work closely with cross-functional teams to ensure that...
-
Cyber Security Analyst
7 days ago
Houston, United States Gravity IT Resources Full timeJob Title: Cyber Security Analyst Job Type: Direct Hire Location: Houston, TX (Hybrid onsite) Our client is a leading producer in the North American oil and gas industry. They understand the critical importance of cybersecurity in protecting their infrastructure, data, and operations. To bolster their cybersecurity efforts, they are seeking a skilled Cyber...
-
Cyber Security Analyst
1 week ago
Houston, United States Gravity IT Resources Full timeJob Title: Cyber Security AnalystJob Type: Direct HireLocation: Houston, TX (Hybrid onsite)Our client is a leading producer in the North American oil and gas industry. They understand the critical importance of cybersecurity in protecting their infrastructure, data, and operations. To bolster their cybersecurity efforts, they are seeking a skilled Cyber...
-
Cyber Security Analyst
1 week ago
Houston, United States Gravity IT Resources Full timeJob Title: Cyber Security AnalystJob Type: Direct HireLocation: Houston, TX (Hybrid onsite)Our client is a leading producer in the North American oil and gas industry. They understand the critical importance of cybersecurity in protecting their infrastructure, data, and operations. To bolster their cybersecurity efforts, they are seeking a skilled Cyber...
-
Cyber Security Engineer
2 weeks ago
Houston, Texas, United States MindFore Full timeJob DescriptionJob Title: Cyber Security EngineerCompany: ConfidentialLocation: Houston, TXDuration: 12+ MonthsAbout the Job:Seeking skilled Cyber Security Engineers with expertise in various security assessments, risk management, incident response, and more.Experience in a hospital/healthcare environment is preferred.
-
Cyber Security Engineer
1 month ago
Houston, United States VC5 Consulting Full timeTitle: Cybersecurity EngineerType: ContractLocation: Houston, TX - HybridKey responsibilities for the cyber threat analyst role:Identify threats and work to create steps to defend against themPerform vulnerability assessments and discovery scans across all network segmentsMonitor network traffic for suspicious behaviorAnalyze current security requirements...
