You’re being taken to an external site to apply.
Enter your email below to receive job recommendations for similar positions.
Specialist, Cybersecurity Compliance
Enterprise Products Partners L.P. is one of the largest publicly traded partnerships and a leading North American provider of midstream energy services to producers and consumers of natural gas, NGLs, crude oil, refined products and petrochemicals. Our services include natural gas gathering, treating, processing, transportation and storage; NGL transportation, fractionation, storage and import and export terminals; crude oil gathering, transportation, storage and terminals; petrochemical and refined products transportation, storage and terminals; and a marine transportation business that operates primarily on the United States inland and Intracoastal Waterway systems. The partnership’s assets include approximately 50,000 miles of pipelines; 260 million barrels of storage capacity for NGLs, crude oil, refined products and petrochemicals; and 14 billion cubic feet of natural gas storage capacity.
The Cybersecurity Compliance Specialist will play a key role in the IT Security & Compliance team, assessing and monitoring cybersecurity controls and mitigations to manage the risk to company information and systems from increasing cyber threats. They will manage documentation of and reporting on compliance with cybersecurity frameworks, government cybersecurity regulations, and third-party requirements. They will also work with IT and other departments to promote secure practices and compliance with company policy. Other responsibilities include, but are not limited to:
- Report on alignment with cybersecurity frameworks such as NIST CSF and identify coverage gaps
- Develop a formal, but efficient program to map controls to, document, and respond to government cybersecurity regulations and third-party cybersecurity requirements
- Work with the IT Security team and IT staff to drive implementation of new cybersecurity requirements
- Identify areas for better risk management and improved cybersecurity controls
- Monitor cybersecurity legislative and regulatory landscape
- Stay current on cybersecurity regulations threats and appropriate mitigation strategies
- Improve risk monitoring and reporting on cybersecurity risk
- Integrate threat intelligence into the cybersecurity risk monitoring process
The successful candidate will meet the following qualifications:
- Bachelor's degree is required
- 3-5 years of experience in a relevant, dedicated information security and/or compliance role
- Knowledge of cybersecurity frameworks such as NIST CSF and ISO 27001
- Experience mapping controls to cybersecurity regulations such as TSA Security Directives or NERC CIP
- Excellent verbal and written communication skills are required
- Security certifications (CISA, GIAC, CCSK, etc.) are preferred
- Active member of one or more security associations (ISSA, ISACA, CSA, InfraGard, ISAC/ISAO, etc.)
- Cybersecurity risk assessment, including third-party and cloud assessment
- Privacy risk
Recommended Skills
- Certificate Of Cloud Security Knowledge
- Certified Information Security Manager
- Communication
- Global Information Assurance Certification
- Iso/Iec 27001
- Risk Management
Job ID: 000CE7