|Date Posted||March 2, 2021|
Location Name: Findlay, OH or San Antonio, TX
Job/Requisition ID: 62478
Education Level: Bachelor's Required
Relevant Experience Level: Mid Career (4-10 Years)
Employee Group: Regular - Full Time
Employee Subgroup: Salaried Exempt
This position is accountable and responsible to the Enterprise OT Cybersecurity (EOTCS) manager for the day to day operational management of the ETOCS Operations & Engineering (O&E) teams. These roles directly affect the day to day operations and is a key element to operational resilience of Operating Technology (OT) environments. The focus of this position is the further implementation and integration of governance models that will mature the overall execution of the EOTCS team. This role will manage between 8 to 10 individuals. The role works closely with business partners to ensure continuity of operations and integrating into the business goals of our MPC business unit partners. The successful candidate will be experienced with OT, advanced cybersecurity methods for management, highly knowledgeable in vulnerability management, deep understanding of cybersecurity control methodologies, project and activity management methodologies, manage the implementation of endpoint and network changes, self-motivated, and extremely good writing & communication skills for report generation.
- Leverage project management skillsets to effectively manage team activities
- Drive activities and taskings to completion
- Ensure that cybersecurity controls are implemented in accordance to policies and standards
- Manage the operations of approved OT Cybersecurity tooling
- Ability to apply advanced technical knowledge and analytical skills within information security using diverse technologies in a complex security environment.
- Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic.
- Implement the protective technical controls throughout the OT environments
- Implement the detective controls throughout the OT environments and work with the CSOC to ensure near-real time detection is possible
- Develop OT cybersecurity strategies that are specifically designed with NIST CSF and NIST 800-82 requirements in mind to protect critical processes without negatively impacting efficiency, productivity, and safety.
- Conduct risk assessments of OT networked environments, sites, and assets to understand vulnerabilities ensuring mission critical functions maintain security, availability, and safety in the case of a cyber event.
- Develop risk mitigation plans, recommend solutions, and provide expertise to assure more resiliency for OT networked environments, assets, and sites.
- Develop cybersecurity technology implementation strategies for OT environments with clear understanding of the differences between IT and OT (e.g. Anti-virus on HMIs, application whitelisting, network isolation strategies, etc.).
- Manage the day-to-day OT cybersecurity operations, maintenance, and monitoring of networked environments.
- Collaborate with peers across the information security organization to identify new innovations, capabilities, and solutions that improve the security posture of the OT environment.
- Mentor, develop, and empower a team of OT cybersecurity specialists.
- Leads with integrity, purpose, and with a leadership mindset.
EDUCATION AND EXPERIENCE:
- 8+ years of relevant work experience
- Bachelor’s degree in Computer Science, MBA, or similar degree contributing to the ability to perform management duties.
- Solid critical thinking and problem-solving skills, consensus building, leadership capabilities, and drive for results will contribute to success.
- Detailed working knowledge of OT and industrial control system environments.
- Extremely strong knowledge of auditing principles and practices
- Detailed knowledge of NIST 800-82 and NIST CSF framework
- Demonstrated background using the MITRE ATT&CK framework for testing control efficacy
- Strong organizational skills.
- Strong written and oral communication skills.
- Excellent analytical and problem-solving skills.
- Strong Technical Skills and working understanding of OT environments.
- Knowledge of industrial control systems security standards (IEC 62443, NIST Cybersecurity Framework).
- Experience with operational technologies including Process Control Networks (PCN), Supervisory Control and Data Acquisition (SCADA) systems, Industrial Automation Control (ICS) systems, Distributed Control Systems (DCS) and Programmable Logic Controllers (PLCs).
- Proven experience with risk assessment methodologies.
- Understanding of cyber threats, vulnerabilities, and exploits specific to OT environments.
- Strong organizational skills to manage multiple projects within the constraints of timelines and budgets.
- Ability to work and thrive in a fast-paced environment, learn rapidly, and master diverse technologies and techniques.
About Marathon Petroleum Corporation
Marathon Petroleum Corporation is a leading, integrated, downstream energy company headquartered in Findlay, Ohio. The company operates the nation’s largest refining system with more than 3 million barrels per day of crude oil capacity across 16 refineries. Marathon Petroleum's marketing system includes branded locations across the United States, including Marathon branded outlets. Speedway LLC, a Marathon Petroleum subsidiary, owns and operates retail convenience stores across the United States. MPC also owns the general partner and majority limited partner interest in MPLX LP, a midstream company which owns and operates gathering, processing, and fractionation assets, as well as crude oil and light product transportation and logistics infrastructure.
Travel Expected: Up to 25%
Marathon Petroleum Company LP is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without discrimination on the basis of race, color, religion, creed, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, age, mental or physical disability, medical condition or AIDS/HIV status, ancestry, national origin, genetic information, military, veteran status, marital status, citizenship or any other status protected by applicable federal, state, or local laws. If you would like more information about your EEO rights as an applicant, click here.
If you need a reasonable accommodation for any part of the application process at Marathon Petroleum LP, please contact our Human Resources Department at [Click Here to Email Your Resumé]. Please specify the reasonable accommodation you are requesting, along with the job posting number in which you may be interested. A Human Resources representative will review your request and contact you to discuss a reasonable accommodation.
Equal Opportunity Employer: Veteran / Disability
Marathon Petroleum Company LP participates in the E-Verify program in some states in which it operates (including AL, AZ, GA, MS, NC, SC, TN, and UT). For more information before proceeding, please see details in English or Spanish. Right to Work Statement English or Spanish.
To view benefit information for Marathon Petroleum Corporation please visit mympcbenefits.com.