Cybersecurity Operations Manager

At Motiva, our employees' energy, passion, and dedication to excellence are what make us who we are and what allows us to generate energy that makes a house a home, gets us from point A to point B, and enables our health and wellbeing. We invest in every aspect of our employees' lives because, at Motiva, our people matter.



Headquartered in Houston, Texas, Motiva refines, distributes and markets petroleum products throughout the Americas. The company's Port Arthur Manufacturing Complex in Port Arthur, TX, is comprised of North America's largest refinery with a total throughput of 720,000 barrels per day, the world's second largest base oil plant, and an integrated chemical plant. Under exclusive long-term brand licenses with Shell and Phillips 66 (for the 76® brand), Motiva's commercial operations supply more than 12 billion gallons of fuel to customers annually. Motiva is wholly owned by Aramco, one of the world's largest integrated energy and chemicals companies.



Position Overview:

The Cybersecurity Operations Manager leads a dynamic and customer-focused security operations team dedicated to safeguarding the company's IT systems and information assets. Proactive monitoring, incident response refinement, vulnerability and threat management, this program is designed to ensure that the company's IT systems and information assets are adequately protected and compliant with regulatory and other requirements. The individual in this role will collaborates closely with internal and external stakeholders to enhance the company's cybersecurity and incident response capabilities.. These efforts include enhancing our cyber intelligence posture/capabilities and ongoing communications between our various departments in order to increase our security readiness and reduce response time. A key focus for the manager is to continuously improve the organization's security posture and maturity, including the growth of the team members and interoperability with other teams The role reports directly to the Chief Information Security Officer and works closely with senior leaders across the organization.





Responsibilities:

• Lead and mentor a team of security engineers and analysts, providing guidance, feedback, and training.
  
• Develop and implement security strategies, architectures, and roadmaps, aligned with business objectives and industry best practices.
  
• Monitor and evaluate the performance and effectiveness of our security systems, tools, processes and SOC, and recommend improvements and enhancements.
  
• Coordinate and oversee security incident response and remediation, ensuring compliance with regulatory, organizational governance and contractual obligations.
  
• Ensure incident identification, assessment, quantification, reporting, communication, mitigation and monitoring
  
• Develop and enforce firewall, zero-trust, and cloud security policies and standards, in alignment with industry best practices, organizational governance, and regulatory requirements.
  
• Establish and maintain security metrics and reports related to security operations an engineering, and communicate security status and risks to senior management and stakeholders.
  
• Co-ordination with stakeholders, build and maintain positive working relationships with them, with positive, customer experience mentality.
  
• Manage security operations and engineering projects and initiatives, ensuring timely and quality delivery of deliverables and outcomes.
  
• Research and evaluate emerging security trends, threats, and technologies, and provide recommendations for adoption and integration.
  
• Perform threat management, threat modeling, identify threat vectors and develop use cases for security monitoring
  
• Collaborate with internal and external partners, such as IT, legal, audit, and vendors, to ensure alignment and integration of security requirements and solutions.
  
• Manage and conduct forensic investigations of security incidents to determine the root cause, extent of impact, and identify lessons learned for future prevention.
  
• Design and implement firewall, zero-trust, and cloud security solutions, using various technologies and tools, such as firewalls, VPNs, micro-segmentation, identity and access management, encryption, and cloud security services.
  
• Monitor and analyze network traffic and security logs, using various tools and platforms, such as SIEM, IDS/IPS, NAC, and cloud security platforms.
  

Experience and Qualifications:

Basic Qualifications

• Bachelor's or advanced degree in Computer Science, Information Technology, Business Administration, or a related field. Pertinent experience at the professional level may be substituted for the education requirement on a year-for-year basis.
  
• 15+ years of experience in IT Security, in a combination of security operations, incident response, threat intelligence, and cloud security within a large-scale organization, with at least 10 years of experience in a leadership or management role.
  
• Strong knowledge of industry standards and frameworks, such as NIST Cybersecurity Framework, ISO 27001, CMMI, etc.
  
• Proven experience with Incident Response and solid familiarity with the ATT&CK framework
  
• Proven experience in developing and maintaining risk and controls programs in complex environments.
  
• Understanding of SOC/SIEM platforms and process automation
  
• Experience managing Red and Blue teams
  
• Experience with vulnerability management, patch management, and security assessment tools.
  
• Proficiency in using the Microsoft suite of products.
  
• Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams and stakeholders.
  
• Strong organizational and project management skills, with the ability to prioritize and manage multiple tasks simultaneously.
  
• Strong analytical, problem-solving, and decision-making skills, with the ability to prioritize and manage multiple tasks and projects.
  

Preferred Qualifications

• Relevant certifications (e.g., CISSP, CISM, GIAC) are highly desirable.
  
• Experience with risk and control related to Operational Technology (OT) environments.
  
• Experience leveraging APIs and scripting for integration and automation
  
• Ability to script in python and/or PowerShell
  
• Strong data analytics and reporting skills