Senior OT Cybersecurity Engineer

About The Position

The OT (Operational Technology) Cybersecurity Engineering and Innovation team is responsible for the strategic and technical direction of OT/IACS (Industrial Automated Control Systems) cybersecurity in Chevron. OT Cybersecurity Engineers support activities such as secure-by-design, standardized solution and network architectures, and the secure implementation of OT/IACS digital technologies across Lead OT Cyber Engineers are cybersecurity influencers functioning at the Chevron Enterprise level, reaching broadly across multiple IT Foundational Platform product lines, select Digital Platforms, and OT/IACS Business Unit. These engineers have a grasp of business breadth, along with technical depth to help stakeholders make quality cybersecurity investment decisions. This role positively impacts global cybersecurity practices, in various operating assets and environments, delivering on the Chevron cybersecurity integrated risk management strategy.

Key Responsibilities

• Contribute to OT/IACS Cybersecurity initiatives, technology projects and security programs for one or more digital platform.
• Contribute to the design and review of secure IACS/OT network architectures and data flows including communication between applications, ports, protocols, and services.
• Contribute to the creation of OT/IACS cybersecurity guardrails and IT engineering standards to ensure OT architectures, solutions and technologies across the Chevron enterprise are built using a secure-by-design methodology.
• Utilize industry standards and frameworks (e.g., NIST-800-53/82, IEC-62443, MITRE ATT&CK / D3FEND), to identify capabilities and technologies to provide enhanced cyber defenses in diverse scenarios.

Required Qualifications

• Education: Bachelor’s or Master’s degree in Information Technology, Computer Science, Engineering, or related STEM field is preferred, but not required.
• Certifications: Certifications in Industrial Control Systems Cybersecurity or in IT Cybersecurity are highly preferred (e.g., GISCP, GCIP, CISSP, or other similar certification). Vendor-specific training on Operational Technology, IACS equipment manufacturers and internal network systems are highly preferred. Certifications in SAFe Scaled Agile or related scrum/agile project management framework is desirable.
• Work Experience: Minimum 2 years related work experience in Operational Technology/Industrial Controls Systems Cybersecurity field with increasing levels of responsibility. “Hands-On” experience with OT/IACS critical infrastructure in energy or similar industries preferred.

Preferred Qualifications

• Experience in utilizing frameworks and standards such as NIST-800-53/82 and IEC-62443 in an IACS environment.
• Experience with Industrial Internet of Things (IIoT), optimization, “Big data” analytics, OT integration and/or SCADA from the Cloud is preferred.
• Experience in conducting and/or leading cybersecurity assessments (risk, vulnerability) and creating a detailed mitigation plan and recommendations to address gaps identified.
• Demonstrated OT Cybersecurity project experience including leading the development of security architectures (programs) and secure network architectures (systems).
• Experience in performing OT/IACS vulnerability scans, passively and actively with technologies such as Tenable Nessus or NMAP scanning tools.
• Understanding of threats, vulnerabilities, attack paths and exploits in an OT/IACS environment.
• Experience with selecting, designing, architecting, and deploying security technologies to an OT/IACS environment.
• Ability to influence and motivate teams, and work with a variety of disciplines, cultures, and environments.
• Demonstrated ability to work effectively, and communicate effectively at all levels with operations, design, projects, vendors, peers, etc.
• Demonstrated ability to provide leadership behaviors across enterprise through rigorous change management and compliance processes, while driving efficiencies.
• Knowledge of techniques and tools that promote effective analysis and the ability to determine root cause and resolution of problems.
• Communicates in a clear, concise, understandable manner both orally and in writing.

Work Schedule

Chevron ENGINE supports global operations, supporting business requirements across the world. Accordingly, the work hours for employees will be aligned to support business requirements. The standard work week will be Monday to Friday. Working hours are 8:00am to 5:00pm or 1:30pm to 10:30pm.

What We Can Offer You

• Opportunity to take part in world-leading energy projects and advance your professional development.
• Expand your career within an inclusive and collaborative workplace.
• Join a workplace where innovation, collaboration and safety are at the core of how we work.
• Work in thoughtfully designed environments that support focus, well-being, and innovation.
• Grow through structured learning, mentorship, and opportunities to contribute to impactful projects.
• Access comprehensive benefits that support your health, well-being, and work-life balance.
• Engage with emerging technologies and digital solutions shaping the future of energy.

How To Apply

To be a part of our success, click APPLY to submit your application. Chevron regrets that it is unable to sponsor employment Visas or consider individuals on time-limited Visa status for this position.

Privacy and Terms and Conditions

We respect the privacy of candidates for employment. This Privacy Notice sets forth how we will use the information we obtain when you apply for a position through this career site. If you do not consent to the terms of this Privacy Notice, please do not submit information to us. Please access the Global Application Statements, select the country where you are applying for employment. By applying, you acknowledge that you have read and agree to the country specific statement.

Terms of Use

“ENGINE” refers to the Chevron Engineering and Innovation Excellence Center, which operates under Chevron Global Technology and Services Private Limited, an affiliate of Chevron Corporation. References to ENGINE in this document are for convenience only and do not denote a separate legal entity. This job advertisement is intended to provide a general overview of the role and workplace environment. Role details and outcomes may vary based on business needs and individual performance.

Key skills/competency

OT Cybersecurity, IACS Security, Network Architecture, NIST-800-53, IEC-62443, MITRE ATT&CK, Vulnerability Assessment, Risk Management, Security Engineering, Cybersecurity Program Management