IT/OT Security Regional Lead

Who we are

ConocoPhillips is one of the world’s leading exploration and production companies, based on production and proved reserves.  Across our 13 countries of operations, we work in a truly integrated way and are committed to the efficient and effective exploration and production of oil and natural gas.  Producing oil and natural gas and getting them to market takes ingenuity, technology, and investment.  Our innovative, collaborative efforts yield products that improve quality of life globally while producing economic benefits with far-reaching influence.

A culture of SPIRIT

We are grounded by our SPIRIT Values – safety, people, integrity, responsibility, innovation, and teamwork. These values position us to deliver strong performance in a dynamic business – but not at all costs. We believe it’s not just what we do – it’s how we do it – that sets us apart. ConocoPhillips strives to make a significant difference in the communities where we live and operate, and we create and foster an inclusive environment that values all voices and opinions. Together, the different backgrounds, experiences, ideas, and perspectives of our employees drive our success.

What we do in Australia

ConocoPhillips Australia was established almost two decades ago. Headquartered in Brisbane, Queensland, we are a 47.5 percent shareholder in Australia Pacific LNG (APLNG) and operate the APLNG facility on Curtis Island. As the largest producer of natural gas in eastern Australia, we supply Australian customers with natural gas and international customers with liquefied natural gas. ConocoPhillips is also undertaking exploration activity in the Otway Basin to identify commercially viable natural gas reserves for supply to the domestic market. 

About the opportunity

We have an exciting opportunity for an experienced individual to join our IT team in the position of IT/OT Security Regional Lead based in our Brisbane office. 

The role is responsible for providing security management direction to the Asia Pacific (AP) Business Units and security advice and guidance to IT and OT teams in accordance with corporate, business unit and statutory requirements. 

The role reports to the Manager, Australian Digital Technologies, and will also have an indirect reporting line to the Chief Information Security Officer (CISO).

Day to day, the IT/OT Security Regional Lead will be accountable for, but not limited to:

Security Strategy

• Implement Global and Regional IT and OT Security policies and procedures across the AP Business Units.
• Ensure the development of AP Business Units security management structure, policy compliance, programs & procedures and relay back to CISO core team any local conditions, laws or regulations related to cyber security or data privacy, protection, retention.
• Propose changes to CISO extended team for existing policies and procedures to ensure operating efficiency and regulatory compliance.
• Hold a local security clearance relevant to AP Business Units and actively participate in public private sharing with state, local and national law enforcement for cyber threat intelligence and cyber related activities.
• Monitor and report local/regional threat, regulatory, and privacy events, trends, and status to appropriate members of the IT/OT Security organization and Chief Security Officer/BU Physical Security Manager.
• Guide AP Business Units IT and OT systems through security architecture and IT/OT risk assessment processes in collaboration with CISO office located in Houston, TX.

Security Liaison

• Represent the company on IT and OT security matters to external parties, such as industry forums, government agencies, law enforcement agencies.
• Assist local/regional resource owners and IT and OT staff in understanding and applying policy and control requirements and responding to security audit failures reported by auditors.
• Provide support and assistance for IT and OT Security Awareness and Education topics within the region as an extension of the Global IT/OT Security program.
• Work as a liaison with BU specific vendors and the legal and purchasing departments to ensure acceptable contracts and service-level agreements.
• Work with stakeholders to identify information asset owners to classify data and systems.
• Serve as an active and consistent participant in the IT OT security governance process.
• Collaborate with CISO, IT, OT and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
• Provide support and guidance for legal and regulatory compliance efforts, including audit support.

Architecture/Engineering Support

• Consult with local/regional IT, OT and CISO security staff to ensure security is factored into the evaluation, selection, installation and configuration of hardware, applications, and software.
• Develop a strong working relationship with the Enterprise Architecture Team, IT and OT Security Architecture Teams and broader IT/OT Security organization to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements.

Operational Support

• Coordinate, measure, and report on the technical aspects of IT OT Security management.
• Provide regional assistance, as required, to assist with the incident management and response process.
• Accountable for the facilitation of Risk Management processes for AP Business Units and where possible the wider ConocoPhillips company to identify Risk Attributes, Business Impact and recommend treatment plans and communicate information about residual risk.
• Provide IT OT Security consultation and facilitation services throughout the region to ensure appropriate application of security requirements and practices.
• Manage security projects and provide expert guidance on security matters for other IT and OT projects.
• Conduct IT and OT security incident response planning, training & exercises, including annual desktop exercises, for BU Crisis/Incident Management teams and emergency response personnel aligned with CMER teams and local BU Physical Security.

You will bring to the role:

• Relevant Bachelor and/or Master’s Degree and Qualifications/training in IT or Security Management. 
• International Relations, Business, IT/OT Security, Security Management and/or other political science.
• Five years security related experience within oil & gas sector.
• Investigative and/or intelligence experience, including knowledge and application of the intelligence cycle.
• Working knowledge of AP Business Units local, provincial & federal security regulations and their application to oil & gas projects.
• Experience in operating in high threat environments.
• Exceptional leadership, organizational and problem-solving skills. 
• Strong communication and interpersonal skills when partnering with internal & external stakeholders.
• Self-starter who can work effectively with minimal supervision. 
• Takes accountability to drive outcomes to completion.
• Be available to travel at short notice 10% of the year.

What we offer

• A unique culture of SPIRIT – Safety, People, Integrity, Responsibility, Innovation, Teamwork
• Commitment to lead and champion a diverse, equitable and inclusive culture of belonging
• A learning organisation that encourages, supports, and celebrates innovative ideas
• Continuous technical and professional development training
• Flexible work arrangements
• A competitive remuneration & benefits package:
  • Performance based compensation + above-industry superannuation contributions
  • Private health insurance, generous Employee Share Plan, annual health & wellness subsidy
  • Above industry paid parental leave

How to apply

Please provide your CV and a maximum one-page cover letter outlining your suitability for the role by the closing date of Thursday 25th May 2023.  

ConocoPhillips is an Equal Opportunity Employer.