US Jobs US Jobs     UK Jobs UK Jobs     EU Jobs EU Jobs


CYBERSECURITY RISK ANALYST

CITGO PETROLEUM CORPORATION

CITGO Petroleum Corporation is a recognized leader in the refining industry and operates under the well-known CITGO brand.

CITGO owns and operates three refineries located in Lake Charles, LA.; Lemont, IL.; and Corpus Christi, TX, and wholly and/or jointly owns 38 active terminals, six pipelines and three lubricants blending and packaging plants.

With approximately 3,300 employees and a combined crude capacity of approximately 807,000 barrels-per-day (bpd), positions CITGO as one of the best-branded supplier companies in the industry.

At CITGO our people are our most important resource.

Our core values are Safety, Integrity, Respect, Accountability, and Care.

Job Summary

The Cybersecurity Risk Analyst is responsible for identifying, assessing, and managing cybersecurity risks across the organization's IT and OT environments.

This role involves conducting comprehensive risk assessments, leading vulnerability management efforts, and ensuring compliance with industry frameworks and regulations.

The analyst will work closely with cross-functional teams to design and implement effective risk mitigation strategies, evaluate third-party risks, and support incident response and post-incident evaluations.

By leveraging data-driven methods and tracking key performance indicators, the Cybersecurity Risk Analyst plays a critical role in enhancing the organization's security posture and aligning cybersecurity efforts with business objectives.

Minimum Qualifications

Degree:


* Bachelor's Degree

The minimum number of years of job related experience required by this job is:


* 8 years.

List any specialized training or unique skills required / preferred:


* In-depth understanding of cybersecurity frameworks such as NIST, ISO 27001, and FAIR.


* Strong familiarity with IT and OT environments, including cloud platforms, IoT devices, data centers, and software applications.


* Expertise in vulnerability management processes, penetration testing, and threat modeling.


* Awareness of emerging technologies and their associated risks.


* Advanced analytical and problem-solving skills for assessing and prioritizing risks.


* Effective communication and presentation skills to translate technical risks into business impacts for stakeholders.


* Proficiency in creating detailed documentation, including risk reports, policies, and compliance evidence.


* Preferred CISSP, CRISC or other security certifications.

Job Duties

1.

Comprehensive Infrastructure Risk Assessment


* Perform regular risk assessments of IT and OT systems, including networks, cloud platforms, IoT devices, and software, aligned with NIST and CIS Controls.


* Ensure compliance with security regulations (e.g., GDPR, CCPA, PCI DSS) and manage third-party risks.

2.

Vulnerability Management


* Lead vulnerability scans, penetration tests, and threat modeling.


* Assess and address vulnerabilities, prioritize patches,...




Share Job