Operational Technology Security Specialist

At Motiva Enterprises LLC, our key asset is our people. We have over 2,500 dedicated employees who allow us to fulfill our mission - to be the safest and most profitable downstream company in the world. We own and operate North America's largest refinery, based in Port Arthur, Texas, along with a petrochemical facility and supporting logistics. Headquartered in Houston, Texas, we are an integral part of the downstream group within Aramco.
Position Overview:
The Security Specialist provides tactical, analytical, and compliance support for Motiva's Port Arthur Manufacturing Complex Operational Technology (OT) Cybersecurity Program.
Responsibilities:

• Stay abreast of NIST guidelines and best OT/ICS (Industrial Control Systems) security standards and requirements.
• Stay abreast of current cyberthreats and vulnerabilities in the OT/ICS space.
• Provide tactical and strategic level intelligence analysis of cyber threats, vectors, vulnerabilities, and actors identified by the site's tools and surveys (i.e. Physical Surveys, Badge Access Control Reviews, Security Information and Event Management (SIEM), Antivirus and Packet Capture tools).
• Work with the Enterprise threat team to be site focal point for investigating SIEM alerts.
• Receive, determine applicability, and address ICS-CERT and vendor security alerts.
• Create and maintain procedures to document threat analysis activities (capture, respond and mitigate).
• Educate staff about threats and vulnerabilities.
• As part of CST (Cyber Security Team), participate in Management of Change reviews to ensure secure, safe operation and design of equipment and related changes.
• Serve as OT Cyber Incident Focal Point as needed.
• Provide oversight of Window Server Update Services (WSUS) and antivirus solutions.
• Manage SIEM solution with timely response and follow-up on alerts generated.
• Provide secondary support for Privileged Access Management solution in OT network.
• Perform regular reviews of applicable OT procedures and work instructions to ensure up to date and applicable.
• Provide off hour OT support as needed.
• Provide secondary support for security compliance checklists and hardening strategy.
• Assist with selection of hardware and operating system versions for workstations.
• Provide oversight of developing, reviewing test and maintaining baseline configuration image for workstations/servers.

Experience and Qualifications:
Basic Qualifications:

• Associate's degree or higher education in Computer Science or in a similar technical discipline
• 5+ years of experience working in networking and Microsoft operating systems
• 2+ years of experience working in cybersecurity functions
• Knowledge of available cyber tools to monitor cybersecurity or to use in performing assessments
• Troubleshooting skills and knowledge of tools to facilitate troubleshooting computer and network events

Preferred Qualifications:

• Bachelor's degree in Computer Science or in a similar technical discipline
• 5+ years of experience working in threat analysis or cyber hunting
• Understanding of the Active Defense approach, ICS-specific attacks and how these attacks impact mitigation strategies
• GICSP (Global Industrial Cyber Security Professional) certification
• GRID (GIAC Response and Industrial Defense) certification
• Working knowledge of fundamental techniques specific to core subjects with an ICS-focus, such as network security monitoring (NSM), digital forensics and incident response (DFIR)
• Expert in NIST, corporate and site ICS Security standards
• Awareness of the automation systems in manufacturing

Physical Requirements:

• Physical ability to work around and on industrial equipment, including frequent climbing of stairs and ladders
• Ability to wear Personal Protective Equipment (PPE) in designated areas (respirator, hard hat, safety glasses, gloves, heeled boots, and hearing protection)

We reserve the right to amend or withdraw Motiva jobs at any time, including prior to the closing date. Depending on qualifications, the successful candidate may be offered a position at a more appropriate level and/or grade.
Applicants for regular U.S. positions must be authorized to work in the United States for Motiva Enterprises LLC without the need for sponsorship of an immigration authorization or visa (for example, TN, H-1B, or other employment-based immigration authorization or visa).
Motiva participates in E-Verify.
All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, age, religion, disability, sexual orientation, gender identity, protected veteran status, citizenship, genetic information, or other protected status under federal, state, or local laws.