Job Type:
Regular
Plains All American is an industry-leading transportation and midstream provider specializing in transportation, storage, processing and marketing solutions for crude oil and natural gas liquids (NGLs). We own an extensive network of pipeline transportation, terminalling, storage and gathering assets in key crude oil and NGL producing basins and transportation corridors and at major market hubs in the United States and Canada. On average, Plains handles more than 6 million barrels per day of crude oil and NGL in its Transportation segment. The company is headquartered in Houston, Texas.
We are looking for highly-motivated individuals who enjoy working as part of a team in a dynamic and entrepreneurial work environment.
The selected candidate will be eligible for company benefits including Medical/Dental/Vision, vacation time off, and free parking. Additionally, this position comes with the option of a hybrid work schedule, combining working in our Houston office with working remotely.
Plains All American Is Looking For a Cyber Security Director To Join Our IT Leadership Team And Oversee The Security Of Our Information Systems And Data. The Ideal Candidate Will Take a Risk-based Approach To Manage Our Cyber Security Programs, Policies, And Standards Across a Large And Complex Organization. The Cyber Security Director Will Be Responsible For:
- Risk Management: Assessing and mitigating cyber risks, developing and implementing risk management frameworks and processes, and reporting on key risk indicators and metrics.
- Cybersecurity Strategy and Operations: Work with the Principal Cyber Security Architect on the development of and executing the cybersecurity strategy and roadmap, aligning with business objectives and industry best practices. Leading and managing the cybersecurity operations team, ensuring timely and effective detection, response, and recovery from cyber incidents. Establishing and maintaining relationships with internal and external stakeholders, including customers, regulators, vendors, and law enforcement agencies.
- Compliance and Governance: Ensuring compliance with applicable laws, regulations, and contractual obligations related to cyber security. Developing and enforcing cybersecurity policies, standards, and procedures. Conducting audits and reviews of cybersecurity controls and practices. Providing guidance and training on cybersecurity awareness and education.
- Technology Integration: Providing direction and requirements to our Architecture & Technology functions to allow for the evaluation and selection of emerging technologies and solutions that enhance the security posture and resilience of the organization. Integrating cybersecurity requirements and best practices into the design and development of IT systems and applications. Managing the cybersecurity budget and resources.
The Cyber Security Director will report directly to the Senior Director, Enterprise Technology and work closely with other senior leaders across the organization, as well as acting as the key contact for Cyber Security related inquiries from regulators and government entities across North America.
Responsibilities
- Identifying, assessing, and mitigating cyber risks and threats across the company's infrastructure, systems, networks, and data
- Implement a cyber security strategy and roadmap that aligns with the company's vision, mission, values, and objectives.
- Establish and maintain a cyber security governance framework and policies that ensures compliance with applicable laws, regulations, standards, and best practices.
- Monitor and report on the cyber security performance, risk posture, and maturity of the company, and provide recommendations for improvement.
- Oversee the security operations center, incident response, threat intelligence, vulnerability management, and security awareness functions.
- Collaborate with the technology architecture group to design and implement secure and resilient solutions that support the company's business needs and goals.
- Build and maintain strong relationships with internal and external stakeholders, including senior management, business units, customers, vendors, regulators, and government officials.
- Lead, mentor, and develop a high-performing cyber security team that fosters a culture of excellence, innovation, and continuous improvement.
- Stay abreast of the latest cyber security trends, threats, and best practices, and ensure that the company adapts accordingly.
Qualifications, Experiences And Skills
- Bachelor's degree in computer science, information systems, cyber security, or related field. Master's degree or relevant certification (e.g. CISSP, CISM, CISA, CRISC) is preferred.
- At least 10 years of progressive experience in cyber security, with at least 5 years in a leadership role.
- Demonstrated experience in government and regulator affairs considered an asset
- Demonstrated experience in executing a cyber security strategy and roadmap for a large and complex organization.
- Proven track record of managing cyber security operations, compliance, and IT as well as identity functions, and delivering successful outcomes.
- Strong knowledge of cyber security frameworks, standards, laws, and regulations, such as NIST, ISO, PCI, HIPAA, FERC, NERC, etc.
- “Secret” level security clearance would be an asset.
- Excellent communication, presentation, and interpersonal skills, with the ability to communicate complex and technical issues to diverse audiences.
- Strong analytical, problem-solving, and decision-making skills, with the ability to balance risk and business needs.
- Highly collaborative, adaptable, and customer-oriented, with the ability to build and maintain effective relationships with internal and external stakeholders.
- Passionate, driven, and innovative, with the ability to lead and inspire a team of cyber security professionals.
- Cleared criminal history (background) and satisfactory reference checks
- Compliance with the Company’s drug and alcohol policy including pre-employment D&A testing.
#Plains
At Plains, our employees are our most valuable asset. Hard work is rewarded with competitive compensation and a top-tier benefits program designed to keep our employees safe, healthy and happy. We work hard to deliver the best results to our stakeholders and we also respect our employees need for personal and family time, which is reflected in our benefits program.
Salary details estimated by job boards such as Indeed, Glassdoor, and LinkedIn do not represent Plains’ compensation structure. We thank all candidates for their interest; however, only those selected for an interview will be contacted.
By submitting your resume, you consent to the collection, use and necessary disclosure of the personal information provided during the application and selection process. Learn more.