Chevron Careers

Cybersecurity Vulnerability Analyst – Chevron Careers Near Me


Website Chevron

Position Summary:

This position supports the Information Risk Strategy Management (IRSM) Vulnerability Management (VM) program reporting to the Vulnerability Management Team Lead. Responsibilities include managing the vulnerability remediation process to ensure weaknesses identified through vulnerability scanning and assessments / penetration tests along with any emergency concerns are assigned to owners and tracked to resolution.

Key Responsibilities:

  • Responsible for analyzing information/data collected from vulnerability assessments and scans; and in conjunction with the IRSM risk managers, helps recommend mitigations in the form of policies, standards, and controls as they apply to the major risk domains. This person will also support project initiatives to assess vulnerability of Chevron’s IT assets.
  • Foundational skills in cybersecurity toolsets including infrastructure and application scanning, phishing campaigns, cloud access security broker, and other cross functional security tools.
  • Engage technical resources and leaders across the enterprise to share results and gain commitment.
  • Support project initiatives to assess vulnerabilities in Chevron’s IT assets and perform validation testing of remediated vulnerabilities from business vulnerability assessments, as needed.
  • Foundational knowledge in cybersecurity and apply that knowledge toward remediation initiatives.

Required Education & Experience:

  • Candidates should demonstrate strong verbal, written and presentation skills, as well as an ability to communicate technical information to different audiences (management, non-technical, IT Professionals, PCN Professionals). Able to engage and interview stakeholders requesting vulnerability management services to capture key information needed to effectively understand, clearly articulate, and document remediation plans.
  • Experience in one of the following areas: a system administrator, application developer, programmer familiarity with MS Windows or UNIX/Linux operating systems.
  • Understanding of attacker mindset, exploitation, and how vulnerabilities are leveraged.
  • Knowledge of Cybersecurity principles and various information security technologies (i.e., IDS/IPS, HIPS, DLP, firewalls, network engineering, database, etc.).
  • In-depth experience with cybersecurity concepts, vulnerability scanning tools, and other security techniques such as active/passive reconnaissance, vulnerability identification, exploitation, phishing, social engineering, and command and control techniques.
  • Demonstrated ability in vulnerability management or related field such as penetration testing, SOC, or threat intelligence.
  • Must understand IT systems (Operating Systems, databases, and applications).
  • Strong desire to learn new tools and technologies highly motivated to apply that knowledge toward understanding and communicating the sources of vulnerabilities.
Apply Here