IT Audit & Governance Advisor (Dallas or Houston, TX)

Oxychem Corporation•Houston, TX

16d

About The Position

Contribute. Grow. Lead...with OxyChem. Looking for a challenge? Desire to achieve your true potential? OxyChem is a growing, action-oriented, safety driven chemical manufacturing company continually striving to be the best in the business while staying focused on environmental protection. The secret to our success has and will continue to be our people. OxyChem, a Berkshire Hathaway company, is a leading producer of essential chemistry with operations in the U.S., Canada and Latin America. OxyChem’s products play an essential role in everyday life, supporting critical applications in water treatment, pharmaceuticals, healthcare, manufacturing, automotive, personal hygiene, and residential and commercial construction. OxyChem actively participates in the Occupational Safety and Health Administration Voluntary Protection Program, underscoring our commitment to safety. Headquartered in Dallas, Texas, OxyChem is a top three U.S. manufacturer of polyvinyl chloride, chlor-alkali and chlorinated organic chemicals, and calcium chloride. Visit oxychem.com for more information. In a fast-paced industry that demands precision, we create a supportive workplace where the safety and well-being of our employees are paramount. We are committed to rewarding top performers, offering very competitive pay and benefits, and providing tremendous career development opportunities. We are seeking an experienced IT Auditor to evaluate and enhance the effectiveness of IT controls, security measures, and compliance with regulatory requirements. This role combines IT audit responsibilities with strategic advisory functions, working closely with external and internal teams to identify and manage operational and technology risks. You will provide actionable recommendations, strengthen governance practices, and help shape the organization’s IT risk posture.

Requirements

Strong understanding of IT and OT systems, networks, and databases.
Familiarity with cybersecurity principles, encryption, and access control mechanisms.
Knowledge of frameworks such as NIST, and ISO 27001.
Proficiency with audit and data analysis tools; scripting experience is a plus.
Ability to assess IT risks and align controls with business objectives.
Working knowledge of regulatory requirements (MTSA, SOX, GDPR, HIPAA) and compliance auditing practices.
Strong critical thinking and attention to detail for identifying control gaps and vulnerabilities.
Capability to interpret complex technical environments and recommend practical solutions.
Excellent written and verbal communication skills for translating technical findings into clear reports.
Strong interpersonal skills to collaborate with IT teams, business units, and auditors.
High ethical standards and professional skepticism to maintain independence and objectivity.
Bachelor’s degree in Management Information Systems, Computer Science, Information Security, Risk Management, or related field.
5+ years in IT Audit, Cybersecurity, or GRC roles.
Experience with frameworks like ISO 27001 and NIST 2.0
Proven experience in cybersecurity awareness program design and delivery.
Strong analytical and problem-solving abilities.
Excellent communication and stakeholder management skills.
Hands-on experience with GRC tools (e.g., RSA Archer, ServiceNow, AuditBoard).
Familiarity with OT network infrastructure, SCADA/DCS systems, and security integration into SDLC.

Nice To Haves

Knowledge of third-party risk management and vendor compliance.
Experience in IT auditing and identity/access management.
CISSP, CISM, CISA, or equivalent.
GRC-related certifications (e.g., ISACA CRISC).

Responsibilities

Plan and scope IT compliance audits, defining objectives and selecting systems or processes for review.
Evaluate IT governance and controls, including access management, change control, backup procedures, and cybersecurity measures.
Perform audit and compliance testing, collect evidence, and validate control effectiveness.
Assess compliance with frameworks such as NIST, ISO 27001, COBIT, and regulatory standards (SOX, GDPR, HIPAA, MTSA).
Document audit findings and prepare clear, actionable reports for management.
Recommend remediation strategies and monitor corrective actions.
Collaborate with IT teams and business units to strengthen governance and risk management practices and IT controls.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume