Senior Analyst - IT Governance, Risk & Compliance
Motiva Enterprises LLC

Houston, Texas

This job has expired.


At Motiva Enterprise LLC., our key asset is our people. We have over 2,500 dedicated employees who allow us to fulfill our purpose - to be the safest and most profitable downstream company in the Americas. Headquartered in Houston, TX, we own and operate North America's largest refinery, located in Port Arthur. Combined with our Terminals & Pipelines along the Southeast Coast, our organization is growing! Find out how you can grow with us!

Position Overview:

Motiva is seeking a Senior Analyst over IT Governance, Risk and Compliance. This role directly reports to the Manager of IT Governance, Risk and Compliance within the Digital Security Office. This role is critical in establishing and maintaining Motiva's overall IT risk & compliance management program, which is designed to ensure that the company's IT systems and information assets are adequately protected. This senior role works proactively with the various business units and internal departments and external organizations to help ensure that identified risks associated with IT solutions are managed appropriately and meet Motiva's defined policies and standards for information risk management.

Responsibilities:

  • Assists IT with maintaining compliance with various regulatory requirements including NIST, HIPPA, ISO and PII.
  • Conducts internal IT self-assessments and works closely with internal/external auditors regarding IT security audits and/or assessments (e.g. network, operating system and datacenter), including identifying, evaluating and mitigating vulnerabilities.
  • Assists in the analysis, design, development, testing, documentation and implementation of information and cybersecurity solutions, security policies, standards, guidelines, and procedures to ensure ongoing maintenance of security.
  • Monitors, researches, analyzes, and interprets applicable regulations to determine applicability and risks to IT operations.
  • Identifies and communicates recommended/required security controls and documents and monitors control implementation.
  • Responsible for tracking audit and compliance remediation efforts and escalation of issues not properly addressed.
  • Assist in the development of new, and updates to existing information security policies, standards, guidelines and procedures based on industry best practices and regulatory requirements.
  • Conduct annual security policies, standard, guidance, and procedural reviews, as required by the controls framework.
  • Responsible for developing and maintaining broad knowledge of information security best practices and trends.
  • Drive compliance efforts within IT and supporting 3rd parties. (Vendor management)
  • Promotes safety awareness and follows safety procedures in an effort to reduce or eliminate compliance non-conformities and accidents.
  • Help maintain a Risk Controls Matrix (RCM) that aligns with applicable regulatory and compliance requirement frameworks.
  • Manage and coordinate the review process for documented IT compliance-related risks with IT Security Leads and manage those risks to the appropriate level of acceptable residual risk.
  • Ensure proper identification, documentation, and approval of Policy/Control exceptions and risk acceptance activities.
  • Perform other duties as assigned

Experience and Qualifications Required:
  • Associates degree or above in Computer Science, Business Administration, IT Cyber Security, or related field of academic study. 7(+) of experience in various capacities related to the job qualifications can be substituted for college degree.
  • Good working knowledge of a broad range of standards and frameworks - for example, NIST Cybersecurity Framework, International Standards Organization (ISO) 27001, IT Infrastructure Library and ISO 20000, Capability Maturity Model Integration and Six Sigma, etc. and relation application or controls.
  • Knowledge of common risk management methodologies - for example, Control Objectives for Information and Related Technology and Committee of Sponsoring Organizations Enterprise Risk Management.
  • Industry-related audit, compliance, information security or business continuity management certification is preferred.
  • Experience with development and/or maintaining risk and controls programs in complex IT environments.
  • Strong ability to think creatively when approaching issues.
  • Strong critical thinking and problem-solving skills.
  • Proven teaming skills to driven completion of organizational objectives
  • Ability to set and manage priorities judiciously to meet tight deadlines.
  • Ability to present ideas in business-friendly and user-friendly language.
  • Exceptionally self-motivated, directed and detail oriented.
  • Superior analytical and problem-solving abilities.
  • Excellent communicator.
  • Strong level of experience using the MS suite of Products.
  • Ability to establish credibility and working relationships with a wide range of corporate personnel, including operations, management, executive and legal staff as well as external personnel, including auditors and regulators.
  • One or more of the following certifications in area of specialty are preferred. Examples include, CISSP, CISA, CISM, CRISC, CIA
  • ** This role does require you to work in our Downtown Houston office location Monday-Thursday.

We reserve the right to amend or withdraw Motiva jobs at any time, including prior to the closing date. Depending on qualifications, the successful candidate may be offered a position at a more appropriate level and/or grade.

Applicants for regular U.S. positions must be authorized to work in the United States for Motiva Enterprises LLC without the need for sponsorship of an immigration authorization or visa (for example, TN, H-1B, or other employment-based immigration authorization or visa).

Motiva participates in E-Verify.

All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, age, religion, disability, sexual orientation, gender identity, protected veteran status, citizenship, genetic information, or other protected status under federal, state, or local laws.


This job has expired.

Get Hired Faster

Subscribe to job alerts and upload your resume!

*By registering with our site, you agree to our
Terms and Privacy Policy.

More Oil and Gas jobs


Motiva Enterprises LLC
Port Arthur, Texas
Posted about 1 hour ago
Motiva Enterprises LLC
Houston, Texas
Posted about 1 hour ago
Motiva Enterprises LLC
Houston, Texas
Posted about 1 hour ago
View Oil and Gas jobs »