Alaska – IT/OT Security Regional Lead

Who We Are

We are one of the world’s largest independent exploration and production companies, based on proved reserves and production of liquids and natural gas. With operations and activities in 13 countries, we explore for, develop, and produce crude oil and natural gas globally. We are challenged with an important job to safely find and deliver energy to the world. Our employees are critical to our success, and with them we power civilization.

We’re grounded by our SPIRIT Values – safety, people, integrity, responsibility, innovation, and teamwork. These values position us to deliver strong performance in a dynamic business – but not at all costs. We believe it’s not just what we do – it’s how we do it – that sets us apart.

We strive to make a significant difference in the communities where we live and operate. We create an inclusive environment that values all voices and opinions. Together, the different backgrounds, experiences, ideas, and perspectives of our employees drive our success.

Alaska Overview

ConocoPhillips is Alaska’s largest crude oil producer and largest owner of exploration leases, with approximately 1.6 million net undeveloped acres at year-end 2021. The company produced an average of 197 thousand barrels of oil equivalent per day in 2021. ConocoPhillips has major ownership interests in two of North America’s largest oil fields, both located on Alaska’s North Slope—Kuparuk, which the company operates, and Prudhoe Bay. Additionally, ConocoPhillips operates the Alpine Field located on the Western North Slope. The company has an ownership interest in the Trans-Alaska Pipeline System (TAPS) and owns/operates the Polar Tankers fleet.

Description

The Alaska Business Unit has an exciting opportunity for an experienced individual to join our global security team in the position of IT/OT Security Regional Lead.

The IT/OT Security Regional Lead will be responsible for providing security management direction to the Alaska Business Unit and security advice and guidance to IT and OT teams in accordance with corporate, business unit and statutory requirements.

This role also has an indirect reporting line to the CISO and a direct reporting line to the Alaska Digital Technology Manager. The reporting line/s may change aligned with future business activity.

Your responsibilities may include:

Security Strategy

• The IT/OT Security Regional Lead will Implement Global and Regional IT and OT Security policies and procedures across the Alaska Business Unit
• Ensure the development of Alaska security management structure, policy compliance, programs & procedures and relay back to CISO core team any local conditions, laws or regulations related to cyber security or data privacy, protection, retention
• Propose changes to CISO extended team for existing policies and procedures to ensure operating efficiency and regulatory compliance
• Hold a local security clearance relevant to Alaska and actively participate in public private sharing with state, local and national law enforcement for cyber threat intelligence and cyber related activities
• Monitor and report local/regional threat, regulatory, and privacy events, trends, and status to appropriate members of the IT/OT Security organization and Chief Security Officer/BU Physical Security Manager
• Guide Alaska BU IT and OT systems through security architecture and IT/OT risk assessment processes in collaboration with CISO office located in Houston, TX

Security Liaison

• Represent the company on IT and OT security matters to external parties, such as industry forums, government agencies, law enforcement agencies
• Assist local/regional resource owners and IT and OT staff in understanding and applying policy and control requirements and responding to security audit failures reported by auditors
• Provide support and assistance for IT and OT Security Awareness and Education topics within the region as an extension of the Global IT/OT Security program
• Work as a liaison with BU specific vendors and the legal and purchasing departments to ensure acceptable contracts and service-level agreements
• Work with stakeholders to identify information asset owners to classify data and systems
• Serve as an active and consistent participant in the IT OT security governance process
• Collaborate with CISO, IT, OT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program
• Provide support and guidance for legal and regulatory compliance efforts, including audit support

Architecture/Engineering Support

• Consult with local/regional IT, OT and CISO security staff to ensure security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software
• Develop a strong working relationship with the Enterprise Architecture Team, IT and OT Security Architecture Teams and broader IT/OT Security organization to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements

Operational Support

• Coordinate, measure, and report on the technical aspects of IT OT Security management
• Provide regional assistance, as required, to assist with the incident management and response process
• Accountable for the facilitation of Risk Management processes for Alaska and where possible the wider ConocoPhillips company to identify Risk Attributes, Business Impact and recommend treatment plans and communicate information about residual risk
• Provide IT OT Security consultation and facilitation services throughout the region to ensure appropriate application of security requirements and practices
• Manage security projects and provide expert guidance on security matters for other IT and OT projects
• Conduct IT and OT security incident response planning, training & exercises, including annual desktop exercises, for BU Crisis/Incident Management teams and emergency response personnel aligned with CMER teams and local BU Physical Security

Basic/Required:

• Must be legally authorized to work in the United States as a U.S. citizen or national, or an alien admitted as a permanent resident, refugee or asylee
• Bachelors degree or higher in Computer Science, Information Systems, Information Technology / Operational Technology Security, Security Management, Business or related field or foreign equivalent
• 5+ years security related experience 
• 1+ years investigative and/or intelligence experience, including knowledge and application of the intelligence cycle
• 1+ years experience operating in high threat environments
• Basic level knowledge of Alaska local, state & federal security regulations & legislation (including the International Ship & Port Facility Security Code) and their application to oil & gas projects
• Willing and able to travel (with or without reasonable accommodation) 25% of the time with minimal advance notice

Preferred:

• Master’s Degree
• 5+ years security related experience within the oil & gas sector
• Fluent in the English language
• Exceptional leadership, organizational and problem-solving skills.
• Strong communication and interpersonal skills when partnering with internal & external stakeholders
• Self-starter who can work effectively with minimal supervision.
• Takes accountability to drive outcomes to completion
• Generates effective solutions based on available information and makes timely decisions that are safe and ethical
• Builds strong relationships based on trust and seeks opportunities to collaborate across the matrix/organizational boundaries to achieve business goals
• Drives thoughtful and pragmatic change by encouraging innovative thinking and continuous improvement. Models adaptability by responding resourcefully, flexibly, and positively when faced with new challenges and demands

To be considered for this position you must complete the entire application process, which includes answering all prescreening questions and providing your eSignature on or before the requisition closing date of March 2, 2023.

Candidates for this U.S. position must be a U.S. citizen or national, or an alien admitted as permanent resident, refugee, asylee or temporary resident under 8 U.S.C. 1160(a) or 1255(a) (1). Individuals with temporary visas such as A, B, C, D, E, F, G, H, I, J, L, M, NATO, O, P, Q, R or TN or who need sponsorship for work authorization in the United States now or in the future, are not eligible for hire.

ConocoPhillips is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, veteran status, gender identity or expression, genetic information or any other legally protected status.