IT Governance Risk & Compliance Lead
HOUSTON, TX, United States
Overview
Weatherford is a leading global energy services company. Our world-class experts partner with customers to optimize their resources and realize the full potential of their assets. Across our operating locations, including manufacturing, research and development, service, and training facilities, operators choose us for strategic solutions that add efficiency, flexibility, and responsibility to any energy operation.
We are focused on technology development, digital solutions, and defining our footprint in the new energy space. Our ability to provide integrated solutions across our segments will be critical to growth in our core operations and the energy transition.
Energy producers face unique challenges every day, so it is our job to create solutions that enhance safety, streamline operations, and sustain uptime to meet or exceed their targets. We operate across the global energy landscape employing some of the best diverse talent in the industry. At Weatherford, we understand the value each individual brings to the table. We celebrate diversity in all its forms and are immensely proud of our workforce. We invite you to join our passionate, talented, word-class team.
When you join Weatherford, you instantly feel connected to something bigger – a community that is grounded by our core values and driven to create innovative solutions for our customers. We celebrate each other’s successes, grow together, and learn from each other constantly. Individually, we are impressive. Together, we are unstoppable. We are One Weatherford.
Weatherford offers competitive compensation, a comprehensive benefits program and provides you a challenging and enriching career path, with a healthy balance of structure and flexibility to chart your own course.
Weatherford is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national or ethnic origin, sex, sexual orientation, gender identity or expression, age, disability, protected veteran status or other characteristics protected by law.
Responsibilities
Weatherford has an opening for a Governance Risk and Compliance Lead in Houston, TX. The role will be responsible for managing internal and external cyber security assessments and for laying a NIST CSF/800.53/800.171 based Cybersecurity Control framework. Conducting internal security audits, and completing customer required audits.
Roles & Responsibilities
SAFETY, SECURITY & COMPLIANCE
- Maintains the highest standards of corporate governance, ensuring that all activities are carried out ethically and in compliance with the Company’s Security, Compliance & HSE policies, Management System, relevant laws, regulations, standards and industry practices and complies with the Company’s Rules to Live By
- Places Quality, Health and safety, Security and protection of the Environment as core values while never intentionally placing employees, our processes, customers, or the communities in which we live and work at risk
- Seeks continual improvement in Health, Safety, Security & protection of the Environment, taking into account responsible care, process vulnerabilities, public, customer and employee inputs, knowledge and technology and best business practices to exceed customer expectations
QUALITY
- Responsible for being familiar with the Company's Quality policies and taking an active role in the compliance and improvement of Weatherford’s Management System
- Maintains service quality as an immediate priority when working across all areas of the business and continually seeks areas for improvement
OPERATIONS
- Serves as the primary point of contact for Cybersecurity inquiries from internal and external customers, and regulators and provides efficient contract reviews
- Recommending ways to mitigate cyber security risk
- Managing customer security inquiries and audits
- Maintaining a relationship with the internal customer (Product Line, etc.) by providing them with risk and assurance advice, and assisting them in the implementation of security controls
- Conducts third-party risk assessments for internal technology purchases and to anticipate, identify, and mitigate risks to WFRD security posture from vendor relationships
- Aligns security controls to the NIST Cyber Security Framework
- Develops remediation plans and track the progress of remediation
- Updates and authors new IT Policies and Standards by creating clear and accurate documentation
COMMUNICATION
- Effectively communicate with technical and non-technical audiences
- Maintains effective communications with all key stakeholders both internal and where appropriate external
FINANCIAL
- All employees have an accountability to the organization to be financially responsible whether they are in charge of a function budget or simply their own expenses
- Costs incurred should be within the approved budget, processed within agreed time frames & following the relevant financial policy and procedure
PEOPLE & DEVELOPMENT
- Employees have a responsibility for developing their careers within the Company including completing all necessary function, compliance & business standards training to enhance their knowledge, skills and experience
- Employees should engage regularly with their line manager to discuss their personal performance, objectives and opportunities to enhance their skills and experience to support their career potential
VISION & LEADERSHIP
- Demonstrates leadership, ethical behavior and adherence to Weatherford standards at all times
Qualifications
- Bachelor's Degree in a Technical Field
- Minimum 5 years in a Governance, Risk, and Compliance or IT audit role
- Understand NIST CSF, NIST 800.53, and ISO 27001 Security Controls
PREFERRED
- Certified Information Security Systems Professional (CISSP)
- Certified Internal Auditor (CIA)
- Have experience in working with Networks and Network Security (Firewalls, IDS/IPS, etc.)
Knowledge, Skills & Abilities
REQUIRED
- Demonstrate self-motivation and willingness to conduct their research
- Strong verbal and written communication skills. Must be able to routinely produce high-quality technical documentation
- Strong analytical skills
- Excellent knowledge of MS Office products: Outlook, Excel, Word, PowerPoint, etc
- Team player with the ability to build strong relationships with stakeholders
- Effectively communicate with technical and non-technical audiences
- Willing to work extended hours and weekends as needed
PREFERRED
- Understanding of operational technology systems, including their unique security challenges and solutions
- Understanding of security controls available in multiple clouds (Azure and AWS)
- Understanding of secure application development concepts (OWASP Top 10)
Travel Requirement:
This role may require domestic and potentially international travel of up to: <10%
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Audits AWS Azure CIA CISSP Cloud Compliance Firewalls Governance IDS IPS ISO 27001 Network security NIST OWASP Risk assessment Security assessment Vulnerabilities
Perks/benefits: Career development Competitive pay Health care Startup environment Travel
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Chief Information Security Officer jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs