IT Governance Risk & Compliance Lead

Overview

Weatherford is a leading global energy services company. Our world-class experts partner with customers to optimize their resources and realize the full potential of their assets. Across our operating locations, including manufacturing, research and development, service, and training facilities, operators choose us for strategic solutions that add efficiency, flexibility, and responsibility to any energy operation.

 

We are focused on technology development, digital solutions, and defining our footprint in the new energy space. Our ability to provide integrated solutions across our segments will be critical to growth in our core operations and the energy transition.

 

Energy producers face unique challenges every day, so it is our job to create solutions that enhance safety, streamline operations, and sustain uptime to meet or exceed their targets. We operate across the global energy landscape employing some of the best diverse talent in the industry. At Weatherford, we understand the value each individual brings to the table. We celebrate diversity in all its forms and are immensely proud of our workforce. We invite you to join our passionate, talented, word-class team.

 

When you join Weatherford, you instantly feel connected to something bigger – a community that is grounded by our core values and driven to create innovative solutions for our customers. We celebrate each other’s successes, grow together, and learn from each other constantly. Individually, we are impressive. Together, we are unstoppable. We are One Weatherford.

 

Weatherford offers competitive compensation, a comprehensive benefits program and provides you a challenging and enriching career path, with a healthy balance of structure and flexibility to chart your own course.

 

Weatherford is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.

Responsibilities

Weatherford has an opening for a Governance Risk and Compliance Lead in Houston, TX.  The role will be responsible for managing internal and external cyber security assessments and for laying a NIST CSF/800.53/800.171 based Cybersecurity Control framework. Conducting internal security audits, and completing customer required audits. 

 

Roles & Responsibilities

 

SAFETY, SECURITY & COMPLIANCE

• Maintains the highest standards of corporate governance, ensuring that all activities are carried out ethically and in compliance with the Company’s Security, Compliance & HSE policies, Management System, relevant laws, regulations, standards and industry practices and complies with the Company’s Rules to Live By
• Places Quality, Health and safety, Security and protection of the Environment as core values while never intentionally placing employees, our processes, customers, or the communities in which we live and work at risk
• Seeks continual improvement in Health, Safety, Security & protection of the Environment, taking into account responsible care, process vulnerabilities, public, customer and employee inputs, knowledge and technology and best business practices to exceed customer expectations

 

QUALITY

• Responsible for being familiar with the Company's Quality policies and taking an active role in the compliance and improvement of Weatherford’s Management System
• Maintains service quality as an immediate priority when working across all areas of the business and continually seeks areas for improvement

 

OPERATIONS

• Serves as the primary point of contact for Cybersecurity inquiries from internal and external customers, and regulators and provides efficient contract reviews
  • Recommending ways to mitigate cyber security risk
  • Managing customer security inquiries and audits
  • Maintaining a relationship with the internal customer (Product Line, etc.) by providing them with risk and assurance advice, and assisting them in the implementation of security controls
• Conducts third-party risk assessments for internal technology purchases and to anticipate, identify, and mitigate risks to WFRD security posture from vendor relationships
• Aligns security controls to the NIST Cyber Security Framework
• Develops remediation plans and track the progress of remediation
• Updates and authors new IT Policies and Standards by creating clear and accurate documentation

  

COMMUNICATION

• Effectively communicate with technical and non-technical audiences
• Maintains effective communications with all key stakeholders both internal and where appropriate external

 

FINANCIAL

• All employees have an accountability to the organization to be financially responsible whether they are in charge of a function budget or simply their own expenses
• Costs incurred should be within the approved budget, processed within agreed time frames & following the relevant financial policy and procedure

 

PEOPLE & DEVELOPMENT

• Employees have a responsibility for developing their careers within the Company including completing all necessary function, compliance & business standards training to enhance their knowledge, skills and experience
• Employees should engage regularly with their line manager to discuss their personal performance, objectives and opportunities to enhance their skills and experience to support their career potential

 

VISION & LEADERSHIP

• Demonstrates leadership, ethical behavior and adherence to Weatherford standards at all times

Qualifications

• Bachelor's Degree in a Technical Field
• Minimum 5 years in a Governance, Risk, and Compliance or IT audit role
• Understand NIST CSF, NIST 800.53, and ISO 27001 Security Controls

 

PREFERRED

• Certified Information Security Systems Professional (CISSP)
• Certified Internal Auditor (CIA)
• Have experience in working with Networks and Network Security (Firewalls, IDS/IPS, etc.) 

 

Knowledge, Skills & Abilities

 

REQUIRED

• Demonstrate self-motivation and willingness to conduct their research
• Strong verbal and written communication skills. Must be able to routinely produce high-quality technical documentation
• Strong analytical skills
• Excellent knowledge of MS Office products: Outlook, Excel, Word, PowerPoint, etc
• Team player with the ability to build strong relationships with stakeholders
• Effectively communicate with technical and non-technical audiences
• Willing to work extended hours and weekends as needed

 

PREFERRED

• Understanding of operational technology systems, including their unique security challenges and solutions
• Understanding of security controls available in multiple clouds (Azure and AWS)
• Understanding of secure application development concepts (OWASP Top 10)

 

Travel Requirement:

This role may require domestic and potentially international travel of up to:  <10%