IT/OT Security – Compliance Analyst

Conoco Phillips

Who We Are

We are one of the world’s largest independent exploration and production companies, based on proved reserves and production of liquids and natural gas. With operations and activities in 13 countries, we explore for, develop, and produce crude oil and natural gas globally. We are challenged with an important job to safely find and deliver energy to the world. Our employees are critical to our success, and with them we power civilization.

We’re grounded by our SPIRIT Values – safety, people, integrity, responsibility, innovation, and teamwork. These values position us to deliver strong performance in a dynamic business – but not at all costs. We believe it’s not just what we do – it’s how we do it – that sets us apart.

We strive to make a significant difference in the communities where we live and operate. We create an inclusive environment that values all voices and opinions. Together, the different backgrounds, experiences, ideas, and perspectives of our employees drive our success.


Compliance Analyst who will be responsible for providing leadership, independent compliance oversight, guidance, and direction necessary to maintain ongoing compliance with the physical and cyber security framework for the protection of assets to support safe and reliable operations. This position is a key member of the IT/OT Security and GRC (Governance, Risk and Compliance) (Governance, Risk and Compliance) team.

If you are selected as the IT/OT Security – Compliance Analyst, you will be responsible for day-to-day operations of the One Trust environment, supporting IT/OT Control frameworks and maintain and updating Risk assessment controls as applicable to environment. Knowledge of security governance principles combined with scripting ability will be key for this role.

This position can be located in Houston, Texas or Bartlesville, Oklahoma.

You may be eligible for the voluntary hybrid office work (HOW) program that is designed to provide employees with flexibility while maintaining the advantages of in-person engagement.

Your responsibilities may include:

  • Demonstrate in-depth understanding of applicable IT/OT Security and compliance regulations, including but not limited to: TSA (Transportation Security Administration) SD (Security Directive)- Transportation Security Administration; ITAR (International Trafficking in Arms Regulation); CFATS (Chemical Facility Anti-Terrorism Standards)
  • Maintain a sound technical understanding of cybersecurity, network operations, and other related IT/OT skillsets.
  • Program Management
  • Provide tactical direction and compliance oversight in developing, implementing, and evaluating project plans, goals, and timelines for the implementation of internal controls, physical security controls, and cyber security controls.
  • Coordinate proactive development and updates to policies, plans, procedures, and recordkeeping of evidence with internal organizations to ensure compliance with various IT/OT security and compliance requirements.
  • Communicate applicable IT/OT security compliance information, standards, and requirements in a clear, concise manner.
  • Monitor and report on applicable compliance status to various stakeholders. This includes both summary compliance/risk reporting for the CISO (Chief Information Security Officer) Leadership Team as well as targeted, actionable reporting to other stakeholder groups.
  • Internal Subject Matter Expert
  • Assist the business development teams in defining scopes of service and reviewing proposed contract changes as they relate to relevant compliance standards.
  • Develop and deliver compliance training for various audiences.
  • Partner with the business and IT (Information Technology) and OT (Operational Technology) teams to identify and implement technologies to automate and streamline compliance monitoring and reporting processes.
  • Actively participate in the cyber security incident management process as a compliance SME (Subject Matter Experts).
  • Apply understanding of compliance standards along with other IT & OT disciplines to provide recommendations and/or solutions to business/compliance issues.
  • Participate in the evaluation of potential compliance concerns.
  • Facilitate periodic spot checks on applicable existing standards, and the communication of changes to the impacted teams.
  • Lead documented response to regulatory compliance requests, enforcement actions, and data-reporting up to leader for IT/OT Governance Risk and Compliance.


  • Must be legally authorized to work in the United States as a U.S. citizen or national, or an alien admitted as a permanent resident, refugee or asylee
  • 5+ years of experience of IT/OT Security Compliance administration experience
  • 5+ years of experience with Risk assessments and Control Framework development
  • Implemented TSA – Security Directive, CFATS, ITAR and/or similar security compliance programs


  • Bachelor’s degree or higher in Business Admin/Mgmt., Computer Science, Engineering, Information Technology, Management Information Systems, other related business field, other related technical field, or foreign equivalent
  • 5+ years of experience in designing, troubleshooting, and maintaining IT/OT Security/Compliance programs
  • Basic knowledge in governance, risk and compliance procedures, standard methodologies, and implementation of network documentation and diagramming
  • An excellent teammate with the ability to get results quickly and efficiently, both internally and with outside vendors
  • Ability to rapidly develop a conceptual understanding of environments that are new to them and provide insight into the analysis of related events
  • Ability to resolve technical issues
  • Advanced proficiency with Microsoft O365 applications: Excel, Outlook, PowerPoint, SharePoint, Teams, and Word
  • Takes ownership of actions and follows through on commitments by holding others accountable and standing up for what is right
  • Delivers positive results through realistic planning to accomplish goals
  • Builds effective solutions based on available information and makes timely decisions that are safe and ethical

To be considered for this position you must complete the entire application process, which includes answering all prescreening questions and providing your eSignature on or before the requisition closing date of September 22, 2022.

Candidates for this U.S. position must be a U.S. citizen or national, or an alien admitted as permanent resident, refugee, asylee or temporary resident under 8 U.S.C. 1160(a) or 1255(a) (1). Individuals with temporary visas such as A, B, C, D, E, F, G, H, I, J, L, M, NATO, O, P, Q, R or TN or who need sponsorship for work authorization in the United States now or in the future, are not eligible for hire.

ConocoPhillips is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, veteran status, gender identity or expression, genetic information or any other legally protected status.

To apply for this job please visit

Be the first to comment

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.