- Career Center Home
- Search Jobs
- Information Security Risk Mgmt Anlst
Description
CITGO PETROLEUM CORPORATIONCITGO Petroleum Corporation is a recognized leader in the refining industry and operates under the well-known CITGO brand. CITGO owns and operates three refineries located in Lake Charles, LA.; Lemont, IL.; and Corpus Christi, TX, and wholly and/or jointly owns 38 active terminals, six pipelines and three lubricants blending and packaging plants. With approximately 3,300 employees and a combined crude capacity of approximately 807,000 barrels-per-day (bpd), positions CITGO as one of the best-branded supplier companies in the industry.
At CITGO our people are our most important resource. Our core values are Safety, Integrity, Respect, Accountability, and Care.
Job Summary
The Risk Management Analyst is responsible for identifying, assessing, and managing cybersecurity risks across the organization's IT and OT environments. The analyst leads CITGO efforts in hardware / software and systems risk assessments, Risk Management, cybersecurity policy and procedure management, and cybersecurity governance. In this dynamic role, the employee oversees critical areas such as cyber risk assessments, policy and procedure rollout to system owners, and incident response planning, ensuring our business remains resilient and secure. As a key contributor, the employee collaborates with cross-functional teams to drive compliance initiatives, protect sensitive data, and help maintain the trust of CITGO's information.
Minimum Qualifications
Required:
- Bachelor's degree and 8 years of experience; or associate's degree and 10 years of experience; or high school diploma and 12 years of experience.
- Awareness of emerging technologies and their associated risks.
- Advanced analytical and problem-solving skills for assessing and prioritizing risks.
- Compliance Standards: Familiarity with standards like ISO 27001 and NIST 800.53, 800.144 and 800.82.
- IT and OT Risks: General knowledge of risks that impact IT and OT systems.
- Supply Chain and Third-Party Cyber Risk Management (TPRM): Knowledge of best practices for TPRM, including highest priority risk mitigation practices.
- Attention to Detail: Precision in managing risk assessments and governance to ensure adherence to compliance standards.
Preferred:
- CISSP, CRISC or other security or compliance certifications.
Job Duties
Job Duties II
Job duties displayed above are not all-inclusive, site-specific responsibilities may be assigned.
Here are the incentives we offer:
• Remote Work options available for eligible positions
• Options are department and/or location specific
• 9/80 Work Schedule Option (where applicable)
• Annual Vacation Incentive (40-120 hours of additional pay) for Eligible Employees
• Paid Vacation Time
• Company-Paid Holidays
• Caregiver Leave
• Excellent 401(k) Match
• Pension Plan
• Performance Incentive
• Company-Paid Sick Leave and Long-Term Disability
• Medical, Dental, & Vision Plans; FSA and HSA options
• Company-Paid Life Insurance for Active Employees
• Healthy Rewards Program
• Service Awards Program
• Educational Assistance Plan
• Dependent Children Scholarships
• Reimbursement for Gym Membership
• Employee Discount Programs
• On-site Health Clinic (select locations)
• On-site Cafeteria (select locations)
• On-site Credit Union and ATM (Corporate office only)
• On-site Fitness Center (select locations)
PLEASE NOTE ALL JOBS DO NOT QUALIFY FOR ALL PERKS
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability.
Requisition ID - 1920