Cybersecurity Engineer I (Cybersecurity Compliance Engineer)(Various Locations)

Job Expired

About the job

An exciting career awaits you

At MPC, we’re committed to being a great place to work – one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment.

Position Summary:

The successful candidate will operate within our industrial control system and operating technology environments to advise and assist with the establishment and enhancement of Cybersecurity postures. The position leads cybersecurity programs, including but not limited to standards and established operational procedures, security appliances and solutions, vulnerability management, education and awareness, compliance, risk assessments, and waivers. The Cybersecurity Engineer will be a trusted subject matter expert in developing OT Cybersecurity architectures, guiding and developing Cybersecurity postures, and being a resource to ensure Marathon Petroleum is protecting process critical operating technology.

  • This position is a part of a job family with multiple levels. The successful candidate will be placed at a level commensurate with experience and qualifications.

Key Responsibilities:

  • Leverage and apply skills across a broad range of cybersecurity domains, i.e., Network, Endpoint, Application, Encryption, and User Access.
  • Secure cross-domain IT/OT communications and pathways to/from Business Networks, third parties, and wide-area ICS/OT networks.
  • Engineer security solutions for real-time and/or performance-sensitive systems.
  • Create Functional Design Specifications and Detailed Design Specifications.
  • Design technical and administrative controls to drive the cybersecurity posture.
  • Complete cybersecurity assessments based on frameworks, such as NIST 800- 53/800-82, IEC 62433, API 1164, RG 5.71, NEI 08-09, ISA, etc.
  • Design and conduct Facility and Security Site Acceptance Testing.
  • Apply application whitelisting solutions and other security tools in ICS environments.
  • Clearly communicate ideas and explain technical knowledge in business language to management and other stakeholders.
  • Research and engineer new cybersecurity solutions and write research papers, proposals, and presentations.
  • Track and monitor assigned activities from reception through completion.
  • Identify and propose cybersecurity and IT program improvements to strengthen existing defenses.

Education and Experience:

  • Bachelor’s Degree in a technical field (Cybersecurity, Computer Science, Information Systems, Information Technology, Information Systems Security, Electrical Engineering, Physical Sciences), or equivalent experience.
  • Five or more years of experience in a technical, professional role for an enterprise is required.
  • Four years of experience in cybersecurity required; eight years with at least three spent securing critical infrastructure/ICS/OT environments, including DCS, PCS, SCADA systems, PLCs, RTUs, etc., preferred.
  • Professional certification, such as Security+, SANS GSEC, CISSP, CISA, CRISC.
  • Experience designing and conducting Facility and Security Site Acceptance Testing.
  • Experience applying application whitelisting solutions and other security tools in ICS environments.
  • Experience with Oil and Gas, Energy, and Building/Facility Management Systems.

Skills:

  • Familiarity with ICS-related communications protocols, e.g., MODBUS, DNP3, S7, etc.
  • Highly competent in zone and conduit architectures and cybersecurity approaches.
  • Understanding of time-delayed communications and networks.
  • Highly proficient with Microsoft Visio and documenting ICS/OT infrastructures.
  • Working knowledge of system security design process, defense-in-depth/breadth, engineering lifecycle, information domains, cross-domain solutions, identification, authentication, and authorization, system integration, risk management, intrusion detection, contingency planning, incident handling, configuration control, change management, auditing, certification, and accreditation process, principles of IA (confidentiality, integrity, non-repudiation, availability, access control), and security testing.
  • Understands the threat landscape of network-connected ICS technology.
  • Strong technical writing skills.
  • Understands fundamentals of technical security risk assessment.
  • Building Partnerships: Developing and leveraging relationships within and across workgroups to achieve results.
  • Continuous Improvement: Originating action to improve existing conditions and processes; identifying improvement opportunities, generating ideas, and implementing solutions.
  • Driving for Results: Setting high goals for personal and group accomplishment; using measurement methods to monitor progress toward goals; tenaciously working to meet or exceed goals while deriving satisfaction from that achievement and continuous improvement.

As an energy industry leader, our career opportunities fuel personal and professional growth.

Location:

Findlay OH Main Bldg

Additional locations:

San Antonio TX

Job Requisition ID:

00000522

Location Address:

539 S Main St

Education:

Employee Group:

Full time

Employee Subgroup:

Regular

Marathon Petroleum Company LP is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without discrimination on the basis of race, color, religion, creed, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, age, mental or physical disability, medical condition or AIDS/HIV status, ancestry, national origin, genetic information, military, veteran status, marital status, citizenship or any other status protected by applicable federal, state, or local laws. If you would like more information about your EEO rights as an applicant, click here.

If you need a reasonable accommodation for any part of the application process at Marathon Petroleum LP, please contact our Human Resources Department at [email protected]. Please specify the reasonable accommodation you are requesting, along with the job posting number in which you may be interested. A Human Resources representative will review your request and contact you to discuss a reasonable accommodation. To view benefit information for Marathon Petroleum Corporation please visit mympcbenefits.com.

Equal Opportunity Employer: Veteran / Disability

More Information

  • This job has expired!

13th Anniversary Global InfoSec Awards for 2025 now open for early bird packages! Winners Announced during RSAC 2025...

X