Primary purpose of job

Governance and execution of the Information Security Management System (ISMS) including developing policies, standards and procedures required for the corporate information security in both an information technology (IT) and operational technology (OT) capacity. Define required information security policies, standards and procedures related to their areas of operation as well as raising awareness of those polices, standards and procedures. Conduct compliance and operational maturity assessments to ensure optimal operation of the information and operational technology environments under the guidelines of the ISMS.

Experience & Skills

• 1O+ years of relevant professional experience.
• Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas.
• Experience with and understanding of customized information security management systems.
• Experience in information security awareness initiatives and community building.
• Knowledge of information security capabilities and requirements analysis.
• Knowledge of relevant state laws, industry regulations, and security standards.
• Excellent written, verbal and presentation communication skills.

Education

• Bachelor degree in information security, computer science, or engineering.
• Professional certifications in information security management and standards compliance (e.g., CISSP, CISA, GIAC, ISO 27001, etc.) and experience with control frameworks (e.g., NIST Cybersecurity Control Framework).