Cybersecurity Manager (Midstream OT Compliance)

Marathon Petroleum Corporation-posted about 1 month ago
Full-time • Mid Level
Findlay, OH
5,001-10,000 employees
Merchant Wholesalers, Nondurable Goods
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

At MPC, we're committed to being a great place to work - one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment. Position Summary At Marathon, we are trailblazers in the Oil & Gas industry, driving innovation and creating value through cutting edge digital platforms and infrastructure. Our Midstream IT organization supports Marathon's Midstream Business Units, including Gathering, Transporting, Storing, Processing, and Distributing Oil & Gas products. We take pride in our ability to deliver high-quality services and transformative solutions that enhance operational performance. As we continue to transform the Midstream technological landscape, we are seeking a visionary and experienced IT Manager of OT Compliance to lead the development and execution of a comprehensive compliance program within Marathon's Operational Technology (OT) environment. This role is pivotal in shaping a multi-year strategic roadmap that embeds compliance-by-default principles and fosters a culture of proactive risk management across OT systems. As a key leader within the Midstream IT department, a successful candidate will collaborate across OT Operations, Support, Service Management, Infrastructure, and Cybersecurity teams to ensure alignment and scalability of compliance initiatives. The role demands a creative, automation-first mindset and deep expertise in compliance architecture, risk analytics, and platform development. This position offers the opportunity to influence enterprise-wide compliance strategy, drive operational excellence, and deliver measurable improvements in audit readiness, governance, and risk posture. The ideal candidate will bring a strong blend of technical acumen, leadership capability, and strategic foresight to elevate the maturity of Marathon's OT compliance landscape. This role is accountable for business results primarily achieved through the work of others. Manages staff, sets direction, and deploys resources. Has responsibility for employee development, performance reviews, pay reviews, and staffing decisions. Accountable for business, functional or operational areas, processes, or programs.

  • Manages daily operations of the team, providing guidance, mentorship, and driving a culture of innovation and continuous improvement. Oversees recruitment, development, retention, and performance to build strong talent.
  • Plans and leads low- to medium-complexity IT projects, ensuring they are delivered on time, within budget, and adhere to quality standards.
  • Ensures the availability, reliability, and security of technology systems. Collaborates with key stakeholders and internal groups to identify needs, deliver effective solutions, and support business objectives.
  • Implements cybersecurity strategy & drives governance, risk & compliance (NIST-aligned), Owns program strategy, policies/standards, defines risk appetite/tolerance and compliance objectives, maintains a multi-year roadmap, champions security awareness/culture.
  • Monitors and analyzes security events, coordinates incident response to minimize impact, maintains and executes the Incident Response plan, runs exercises; and aligns with Business Continuity / Disaster Response to ensure rapid recovery and post-incident improvements.
  • Designs, implements, and maintains security controls and tooling (e.g., firewalls, IDS/IPS, EDR, encryption); ensures secure configurations and lifecycle management; evaluates new capabilities to strengthen security posture.
  • Runs enterprise risk assessments and treatment plans, maintains the risk register, drives vulnerability management and pen testing, performs control testing/evidence management, supports audits, track compliance to applicable standards/regulations, ensures timely remediation and risk reporting/metrics.
  • Partners with IT operations, software engineering, and OT teams to embed security by design and align to risk appetite; applies ITSM fundamentals where appropriate (incident/change/problem) to maintain service quality and stability.
  • Governs security vendors/providers; assess and monitor supplier security and compliance obligations, enforces remediation, manages SLAs and contractual controls.
  • Manages OpEx/CapEx for security, prioritizes investments by risk and ROI and optimizes licensing, services, and resource allocation to meet strategic and operational objectives.
  • Bachelor's degree in Computer Science, Information Technology, Management Information Systems, Engineering, Business, or other computer-related degree required.
  • 10+ years of diversified IT experience required.
  • 3+ years of experience leading professional staff required.
  • Strong communication and change leadership
  • Certified in Risk and Information Systems Control (CRISC) strongly preferred
  • Experience with Operational Technology (OT) strongly preferred.
  • Certified Information Systems Security Professional (CISSP) preferred
  • Certified Information Security Manager (CISM) preferred
  • Certified Information Systems Auditor (CISA) preferred
  • Strong understanding of Portfolio and Agile management preferred.
  • Marathon Petroleum offers a total rewards program which includes, but is not limited to, access to health, vision, and dental insurance, paid time off, 401k matching program, paid parental leave, and educational reimbursement.
  • Detailed benefit information is available at mympcbenefits.com.
  • The hired candidate will also be eligible for a discretionary company-sponsored annual bonus program.
Track Jobs with Teal

Job Search Resources

Resume Builder
Resume Examples
Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service