Posted:
8/29/2024, 8:07:17 AM
Location(s):
Tulsa, Oklahoma, United States ⋅ Oklahoma, United States
Experience Level(s):
Mid Level ⋅ Senior
Field(s):
IT & Security
JOB SUMMARY
We’re looking for a Security Analyst III to join the Enterprise Security team at ONEOK. In this role you will join a dynamic group with diverse skills who are passionate about cybersecurity and physical security compliance. Our growing team manages, maintains, and improves all aspects of the enterprise security cybersecurity and physical security control environments.Job Profile Summary
Responsible for the design of certain security functions within the overall information security strategy, management system processes, programs, communications, and activities throughout the organization.
Essential Functions and Responsibilities
Designs and refines certain functions within the information security framework that ensures confidentiality, integrity, and availability of information assets by protecting against unauthorized use, disclosure, modification, or loss
Provides guidance for certain information security functions including developing process/technology roadmaps, determining appropriate organizational awareness activities, and advising senior management on changes in the technical, legal and/or regulatory environments that may impact the security of information assets
Works with Director of Information Security to determine the appropriate levels of information risk for the enterprise and collaborates with affected business units and key stakeholders to ensure that exposure is minimized in accordance with applicable laws and regulations
Collaborate with appropriate personnel across certain areas of the company to ensure appropriate risk levels are identified for information assets and if applicable, physical security of facilities
Lead implementation of information security policies, standards, procedures and guidelines for certain security functions. Design and operate monitoring and improvement activities to ensure ongoing compliance with internal security policies and applicable laws and regulations
Define and implement an ongoing security risk assessment program, which will define, identify, and classify critical information assets, assess threats and vulnerabilities regarding those assets and implement remediation plans where appropriate in certain security functions. Provide guidance of security risk assessments of third party relationships and associated corrective actions
Assist in the information security incident response process and provide guidance to senior management related to incident escalation and resolution. Assist in the preventive monitoring of potential information security threats, investigation of alleged information security breaches and, if necessary, drive appropriate response to the breach
Design, develop, implement, and maintain the identity and access management procedures to ensure proper user account provisioning. Collaborate with other information technology personnel to ensure solution designs have appropriate information security controls
Assist in the information security awareness, training, and educational activities for all personnel who have access to information assets
Collaborate with delivery teams to design, develop, and implement secure solutions
Education
Bachelor's Degree in information technology, accounting, other related field, or an equivalent combination of formal education and the following job related experience
Work Experience
Experience in information technology, including significant security activities
Experience developing information security and technology roadmaps
Experience in a regulated sector. Familiarity with gas / utilities business processes
Experience with key information security frameworks and governing bodies such as the International Organization for Standardization (ISO) and the National Institute of Standards and Technology (NIST)
Experience researching, preparing, composing, recommendations, security documentation, flowcharts, standards, procedures, reports, and correspondence
Experience interacting, advising, and communicating effectively
Experience analyzing information, conducting meetings, and making presentations
Knowledge, Skills and Abilities
Knowledge of: IT infrastructure environments, local and wide-area networks and application security needs
Ability to: manage small to medium information security projects
Ability to: develop consensus and facilitate decision-making among senior executives
Ability to: communicate and/or exchange information; conduct oral presentations
Licenses and Certifications
CISSP Certified Information Systems Security Professional preferred
Certified Information Security Manager (CISM) preferred
Certified Information Systems Auditor (CISA) preferred
Certified Secure Software Lifecycle Professional (CSSLP) preferred
Certified Information Privacy Professional (CIPP) preferred
Strength Factor Rating - Physical Demands/Requirements
Sedentary Work - Exerting up to 10 pounds of force occasionally (Occasionally: activity or condition exists up to 1/3 of the time) and/or a negligible amount of force frequently (Frequently: activity or condition exists from 1/3 to 2/3 of the time) to lift, carry, push, pull, or otherwise move objects, including the human body. Sedentary work involves sitting most of the time, but may involve walking or standing for brief periods of time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met.
Strength Factor Description - Physical Demands/Requirements
Standing: Remaining on one's feet in an upright position at a work station without moving about (Occasionally)
Walking: Moving about on foot (Frequently)
Sitting: Remaining in a seated position (Constantly)
Lifting: Raising or lowering an object from one level to another (includes upward pulling) (Occasionally)
Carrying: Transporting an object, usually holding it in the hands or arms, or on the shoulder (Occasionally)
Pushing: Exerting force upon an object so that the object moves away from the force (Occasionally)
Pulling: Exerting force upon an object so that the object moves toward the force (includes jerking) (Occasionally)
Climbing: Ladders, Stairs (Occasionally)
Balancing: Maintaining body equilibrium to prevent falling (Occasionally)
Stooping: Bending the body downward and forward by bending the spine at the waist (Occasionally)
Kneeling: Bending the legs at the knees to come to rest on the knee or knees (Occasionally)
Crouching: Bending the body downward and forward by bending the legs and spine (Occasionally)
Crawling: Moving about on the hands and arms in any direction (Occasionally)
Reaching: Extending hands and arms in any direction (Constantly)
Handling: Seizing, holding, grasping, turning or otherwise working with the hand or hands (Manual Dexterity) (Constantly)
Fingering: Picking, pinching or otherwise working with the fingers primarily (Finger Dexterity) (Constantly)
Feeling: Perceiving such attributes of objects/materials as size, shape, temperature, texture, movement or pulsation by receptors in the skin, particularly those of the finger tips (Constantly)
Talking: Expressing or exchanging ideas/information by means of the spoken word (Frequently)
Hearing: Perceiving the nature of sound by the ear (Frequently)
Tasting/Smelling: (Occasionally)
Near Vision: Clarity of vision at 20 inches or less (Constantly)
Far Vision: Clarity of vision at 20 feet for more (Frequently)
Depth Perception: Three-dimensional vision; ability to judge distances and spatial relationships so as to see objects where and as they actually are (Frequently)
Vision: Color - The ability to identify and distinguish colors (Constantly)
Working Conditions/Environment
Employee is subject to inside environmental conditions
Working Conditions
Well lighted, climate controlled areas (Constantly)
Frequent repetitive motion (Constantly)
CRT (Computer Monitor(s)) (Constantly)
Travel
Travel in and around plant and office facilities and around job sites out-of-doors.
Driving
Based on assigned tasks, employee may be assigned a company vehicle requiring the applicable driver's license
ONEOK is an equal opportunity employer committed to diversity and inclusion. All qualified applicants will receive consideration for employment without regard to race, color, sex, pregnancy, sexual orientation, age, religion, creed, national origin, gender identity, disability, military/veteran status, genetic information or any other categories protected by applicable law.
The job description is not intended to be a complete list of all responsibilities, duties or skills required for the job and is subject to review and change at any time, with or without notice, in accordance with the needs of ONEOK.
ONEOK is committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request an accommodation email [email protected] or call 1-855-663-6547.
Expected Salary Range
$98,000.00 - $148,000.00Website: https://oneok.com/
Headquarter Location: Tulsa, Oklahoma, United States
Employee Count: 1001-5000
Year Founded: 1906
IPO Status: Public
Last Funding Type: Post-IPO Debt
Industries: Automotive ⋅ Energy ⋅ Logistics ⋅ Oil and Gas ⋅ Transportation