Chevron is one of the world's leading energy companies, with approximately 60,000 employees working in countries around the world. We explore, produce and transport crude oil and natural gas; refine, market and distribute fuels and other energy products; manufacture and sell petrochemical products; generate power; and develop future energy resources, including biofuels and geothermal energy. To learn more, visit the Explore Chevron website.
The IT Risk Management Consulting Team supports the Information Risk Management (IRM) programs and provides Risk Assessment services to the IT Function. Responsibilities include performing risk assessments, developing processes and tools, and conducting training. Risk assessments include evaluating new technologies, applications, services, and participating in external and internal vulnerability assessments.
The successful candidate must have knowledge of Chevron’s IRM Standards or industry Risk standards and experience with a variety of technologies. Must be highly motivated, enjoy a challenging work environment, and be able to work independently as well as in a team environment. Applicants must be self-starters, with strong verbal and written communication skills. An understanding of Information Risk and experience in Project Management is important. Applicants should demonstrate strong leadership skills and the ability to consistently raise the bar, engage others, and mobilize commitment to produce results.
Chevron is accepting online applications for the position of IT Risk Management Consultant located in Houston, CA through July 31, 2013 at 11:59 p.m. (Eastern Standard Time).
Responsibilities for this position may include but are not limited to:
This role performs risk assessments for the IT function across the enterprise.
Identifies risks associated with selected business systems (application, database), mobile device applications, IT delivery processes, infrastructure, new technologies, and non-compliant system components.
Identifies risks associated with external service providers hosting Chevron data, applications and infrastructure. (ASP, Saas, PaaS, IaaS) .
Provides guidance for prioritizing and mitigating the risks identified.
Where appropriate, collaborates with appropriate technical teams to ensure risks are identified and accurately assessed.
Develops and maintains risk assessment programs and tools to ensure consistent and effective performance of assessments.
Assist with vulnerability assessments conducted by third parties and perform targeted internal vulnerability assessments.
Assists with the development of process, tools and training that facilitate sustained compliance with IRM standards.
Builds collaboration, facilitates towards agreement and influences for success using Chevron Way Behaviors with an Enterprise and IT Function perspective.
Utilize qualitative and quantitative risk analysis best practices
5-10 years of Information Risk Management and/or IT Security Experience.
Ability to think beyond the obvious to identify potential Risks in both existing and new uses of applications, software, and hardware.
Experience in Risk Analysis, Information Protection Technologies, and Project Management with good understanding of Information protection terms, processes and mitigating Controls.
Knowledge of Information Risk Standard and Controls.
Bachelor’s degree in Computer Science, MIS or comparable.
CISSP, CISA, CRISC or other certifications in the Information Security, Governance, and Risk Management domains highly desirable
Relocation may be considered within Chevron parameters.*LI-SA1
Expatriate assignments will not be considered.
Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.
Chevron - 19 months ago
Chevron is one of the world's leading energy companies, with approximately 60,000 employees working in countries around the world. We...