Marathon Petroleum Corporation
Senior Cybersecurity Engineer, OT Cybersecurity
Marathon Petroleum Corporation, San Antonio, Texas, United States, 78208
Senior Cybersecurity Engineer, OT Cybersecurity
Join to apply for the
Senior Cybersecurity Engineer, OT Cybersecurity
role at
Marathon Petroleum Corporation
An exciting career awaits you. At MPC, we’re committed to being a great place to work – one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment.
Position Summary The Senior Cybersecurity Engineer, OT Cybersecurity plays a critical role in safeguarding Marathon Petroleum Corporation’s digital and operational assets across enterprise IT and industrial control systems (ICS/OT). This position is responsible for the use, maintenance, and enhancement of the Dragos platform, optimizing threat and vulnerability management to identify, analyze, and respond to emerging cyber threats targeting both business and field operations, including refineries, pipelines, terminals, and remote industrial facilities.
Working as part of the Cyber Threat and Vulnerability Management team within the Cyber Fusion Center, the engineer will ensure the proper operation and use of the Dragos platform and associated field equipment across the OT enterprise environment, allowing for the enhancement of TVM processes within the OT environment. The role requires close coordination with internal teams including threat hunting, incident response, threat intelligence, and infrastructure to ensure alignment between detection strategy, risk posture, and operational resiliency.
Key Responsibilities
Conduct detailed analyses on changes to cybersecurity solutions and assess business impact and cybersecurity risk.
Leverage cybersecurity assessments and standards to ensure compliance across security systems.
Improve the efficiency and effectiveness of security solutions, processes, and controls.
Analyze existing processes and procedures and lead efforts to implement improvements or remediation.
Develop and submit Standard Operating Procedures.
Analyze business‑impacting events, perform initial investigation, and monitor networks, systems, and applications for signs of potential cybersecurity incidents.
Investigate and analyze the nature and scope of cyber incidents, assisting in the development of innovative mitigation and remediation plans to ensure regulatory compliance.
Lead implementation of global security initiatives, policies, and compliance requirements and collect and validate security metrics and associated remediation efforts.
Manage cybersecurity‑related consulting, guidance, and support to customers and stakeholders.
Translate security principles to assist configuration teams with incorporating security into build and configuration processes.
Monitor emerging IT/OT and cybersecurity technologies and their impact on the security landscape.
Education and Experience
Bachelor’s Degree in Information Technology, a related field, or equivalent experience.
Professional certification preferred (e.g., Security+, Network+, OSCP, GIAC, CEH).
5+ years of relevant experience required.
Dragos Platform Certified User Certification required.
Dragos ICS/OT Cybersecurity Training Certification required.
ICS/OT Cybersecurity certifications such as GCISP and GRID preferred.
Skills
Authentic Communicator – expresses ideas clearly in writing and verbally, listens to understand, and fosters constructive dialogue.
Cybersecurity Risk Management – develops risk assessment and treatment techniques to pre‑empt security loopholes, prioritizing mitigation strategies.
General Programming – applies a computer language to automate tasks.
Intrusion Detection – uses security analytics, predictive research, and root‑cause analysis to detect potential breaches and monitor vulnerability reports.
Penetration Testing – tests systems, networks, or web applications for exploitable vulnerabilities, automating or performing manually as needed.
Relationship Management – builds and manages long‑term trusted relationships with internal and external customers and stakeholders.
Security Controls – maintains information systems focusing on risk management and security.
Security Governance – develops and disseminates corporate security policies, frameworks, and guidelines.
Security Information & Event Management (SIEM) – employs tools and services for real‑time visibility and event log management.
Security Policy Management – identifies, implements, and manages rules for accessing and using IT assets.
Threat Analysis – gathers intelligence and anticipates potential IT/OT threats proactively.
Threat Hunting – searches networks and endpoints to detect and isolate evasive cyber threats.
Vulnerability Management – identifies, classifies, and prioritizes vulnerabilities, providing risk context to the organization.
Location San Antonio, Texas
Job Requisition ID 00019304
Seniority Level Not Applicable
Employment Type Full‑time
Equal Opportunity Employer Marathon Petroleum Company LP is an Equal Opportunity Employer and gives consideration for employment to fully qualified applicants without discrimination on the basis of race, color, religion, creed, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, reproductive health decision‑making, age, mental or physical disability, medical condition or AIDS/HIV status, ancestry, national origin, genetic information, military, veteran status, marital status, citizenship or any other status protected by applicable federal, state, or local laws. If you would like more information about your EEO rights as an applicant, click here.
If you need a reasonable accommodation for any part of the application process at Marathon Petroleum LP, please contact our Human Resources Department at talentacquisition@marathonpetroleum.com. Please specify the reasonable accommodation you are requesting, along with the job posting number in which you may be interested. A Human Resources representative will review your request and contact you to discuss a reasonable accommodation. Marathon Petroleum offers a total rewards program which includes, but is not limited to, access to health, vision, and dental insurance, paid time off, 401(k) matching program, paid parental leave, and educational reimbursement. Detailed benefit information is available at https://mympybenefits.com. The hired candidate will also be eligible for a discretionary company‑sponsored annual bonus program.
#J-18808-Ljbffr
Senior Cybersecurity Engineer, OT Cybersecurity
role at
Marathon Petroleum Corporation
An exciting career awaits you. At MPC, we’re committed to being a great place to work – one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment.
Position Summary The Senior Cybersecurity Engineer, OT Cybersecurity plays a critical role in safeguarding Marathon Petroleum Corporation’s digital and operational assets across enterprise IT and industrial control systems (ICS/OT). This position is responsible for the use, maintenance, and enhancement of the Dragos platform, optimizing threat and vulnerability management to identify, analyze, and respond to emerging cyber threats targeting both business and field operations, including refineries, pipelines, terminals, and remote industrial facilities.
Working as part of the Cyber Threat and Vulnerability Management team within the Cyber Fusion Center, the engineer will ensure the proper operation and use of the Dragos platform and associated field equipment across the OT enterprise environment, allowing for the enhancement of TVM processes within the OT environment. The role requires close coordination with internal teams including threat hunting, incident response, threat intelligence, and infrastructure to ensure alignment between detection strategy, risk posture, and operational resiliency.
Key Responsibilities
Conduct detailed analyses on changes to cybersecurity solutions and assess business impact and cybersecurity risk.
Leverage cybersecurity assessments and standards to ensure compliance across security systems.
Improve the efficiency and effectiveness of security solutions, processes, and controls.
Analyze existing processes and procedures and lead efforts to implement improvements or remediation.
Develop and submit Standard Operating Procedures.
Analyze business‑impacting events, perform initial investigation, and monitor networks, systems, and applications for signs of potential cybersecurity incidents.
Investigate and analyze the nature and scope of cyber incidents, assisting in the development of innovative mitigation and remediation plans to ensure regulatory compliance.
Lead implementation of global security initiatives, policies, and compliance requirements and collect and validate security metrics and associated remediation efforts.
Manage cybersecurity‑related consulting, guidance, and support to customers and stakeholders.
Translate security principles to assist configuration teams with incorporating security into build and configuration processes.
Monitor emerging IT/OT and cybersecurity technologies and their impact on the security landscape.
Education and Experience
Bachelor’s Degree in Information Technology, a related field, or equivalent experience.
Professional certification preferred (e.g., Security+, Network+, OSCP, GIAC, CEH).
5+ years of relevant experience required.
Dragos Platform Certified User Certification required.
Dragos ICS/OT Cybersecurity Training Certification required.
ICS/OT Cybersecurity certifications such as GCISP and GRID preferred.
Skills
Authentic Communicator – expresses ideas clearly in writing and verbally, listens to understand, and fosters constructive dialogue.
Cybersecurity Risk Management – develops risk assessment and treatment techniques to pre‑empt security loopholes, prioritizing mitigation strategies.
General Programming – applies a computer language to automate tasks.
Intrusion Detection – uses security analytics, predictive research, and root‑cause analysis to detect potential breaches and monitor vulnerability reports.
Penetration Testing – tests systems, networks, or web applications for exploitable vulnerabilities, automating or performing manually as needed.
Relationship Management – builds and manages long‑term trusted relationships with internal and external customers and stakeholders.
Security Controls – maintains information systems focusing on risk management and security.
Security Governance – develops and disseminates corporate security policies, frameworks, and guidelines.
Security Information & Event Management (SIEM) – employs tools and services for real‑time visibility and event log management.
Security Policy Management – identifies, implements, and manages rules for accessing and using IT assets.
Threat Analysis – gathers intelligence and anticipates potential IT/OT threats proactively.
Threat Hunting – searches networks and endpoints to detect and isolate evasive cyber threats.
Vulnerability Management – identifies, classifies, and prioritizes vulnerabilities, providing risk context to the organization.
Location San Antonio, Texas
Job Requisition ID 00019304
Seniority Level Not Applicable
Employment Type Full‑time
Equal Opportunity Employer Marathon Petroleum Company LP is an Equal Opportunity Employer and gives consideration for employment to fully qualified applicants without discrimination on the basis of race, color, religion, creed, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, reproductive health decision‑making, age, mental or physical disability, medical condition or AIDS/HIV status, ancestry, national origin, genetic information, military, veteran status, marital status, citizenship or any other status protected by applicable federal, state, or local laws. If you would like more information about your EEO rights as an applicant, click here.
If you need a reasonable accommodation for any part of the application process at Marathon Petroleum LP, please contact our Human Resources Department at talentacquisition@marathonpetroleum.com. Please specify the reasonable accommodation you are requesting, along with the job posting number in which you may be interested. A Human Resources representative will review your request and contact you to discuss a reasonable accommodation. Marathon Petroleum offers a total rewards program which includes, but is not limited to, access to health, vision, and dental insurance, paid time off, 401(k) matching program, paid parental leave, and educational reimbursement. Detailed benefit information is available at https://mympybenefits.com. The hired candidate will also be eligible for a discretionary company‑sponsored annual bonus program.
#J-18808-Ljbffr