ONEOK
Security Analyst III
ONEOK, Tulsa, Oklahoma, United States, 74145
#WeAreONEOK
Fortune 500 company. 100+ years in business. Leading midstream service provider. Safety first. Sustainable operations. Environmentally responsible. Employee focused.
JOB SUMMARY
We're looking for a Security Analyst III to join the Enterprise Security team at ONEOK. In this role you will join a dynamic group with diverse skills who are passionate about cybersecurity and physical security compliance. Our growing team manages, maintains, and improves all aspects of the enterprise security cybersecurity and physical security control environments.
Job Profile Summary
Responsible for the design of certain security functions within the overall information security strategy, management system processes, programs, communications, and activities throughout the organization.
Essential Functions and Responsibilities
Designs and refines certain functions within the information security framework that ensures confidentiality, integrity, and availability of information assets by protecting against unauthorized use, disclosure, modification, or loss
Provides guidance for certain information security functions including developing process/technology roadmaps, determining appropriate organizational awareness activities, and advising senior management on changes in the technical, legal and/or regulatory environments that may impact the security of information assets
Works with Director of Information Security to determine the appropriate levels of information risk for the enterprise and collaborates with affected business units and key stakeholders to ensure that exposure is minimized in accordance with applicable laws and regulations
Collaborate with appropriate personnel across certain areas of the company to ensure appropriate risk levels are identified for information assets and if applicable, physical security of facilities
Lead implementation of information security policies, standards, procedures and guidelines for certain security functions. Design and operate monitoring and improvement activities to ensure ongoing compliance with internal security policies and applicable laws and regulations
Define and implement an ongoing security risk assessment program, which will define, identify, and classify critical information assets, assess threats and vulnerabilities regarding those assets and implement remediation plans where appropriate in certain security functions. Provide guidance of security risk assessments of third party relationships and associated corrective actions
Assist in the information security incident response process and provide guidance to senior management related to incident escalation and resolution.
Assist in the preventive monitoring of potential information security threats, investigation of alleged information security breaches and, if necessary, drive appropriate response to the breach
Design, develop, implement, and maintain the identity and access management procedures to ensure proper user account provisioning. Collaborate with other information technology personnel to ensure solution designs have appropriate information security controls
Assist in the information security awareness, training, and educational activities for all personnel who have access to information assets
Collaborate with delivery teams to design, develop, and implement secure solutions
Education
Bachelor's Degree in information technology, accounting, other related field, or an equivalent combination of formal education and the following job related experience
Work Experience
Experience in information technology, including significant security activities
Experience developing information security and technology roadmaps
Experience in a regulated sector. Familiarity with gas / utilities business processes
Experience with key information security frameworks and governing bodies such as the International Organization for Standardization (ISO) and the National Institute of Standards and Technology (NIST)
Experience researching, preparing, composing, recommendations, security documentation, flowcharts, standards, procedures, reports, and correspondence
Experience interacting, advising, and communicating effectively
Experience analyzing information, conducting meetings, and making presentations
Knowledge, Skills and Abilities
Knowledge of: IT infrastructure environments, local and wide-area networks and application security needs
Ability to: manage small to medium information security projects
Ability to: develop consensus and facilitate decision-making among senior executives
Ability to: communicate and/or exchange information; conduct oral presentations
Licenses and Certifications
CISSP Certified Information Systems Security Professional preferred
Certified Information Security Manager (CISM) preferred
Certified Information Systems Auditor (CISA) preferred
Certified Secure Software Lifecycle Professional (CSSLP) preferred
Certified Information Privacy Professional (CIPP) preferred
Strength Factor Rating - Physical Demands/Requirements
Sedentary Work - Exerting up to 10 pounds of force occasionally (Occasionally: activity or condition exists up to 1/3 of the time) and/or a negligible amount of force frequently (Frequently: activity or condition exists from 1/3 to 2/3 of the time) to lift, carry, push, pull, or otherwise move objects, including the human body. Sedentary work involves sitting most of the time, but may involve walking or standing for brief periods of time. Jobs are sedentary if walking and standing are required only occasionally and all other sedentary criteria are met.
Strength Factor Description - Physical Demands/Requirements
Standing: Remaining on one's feet in an upright position at a work station without moving about (Occasionally)
Walking: Moving about on foot (Frequently)
Sitting: Remaining in a seated position (Constantly)
Lifting: Raising or lowering an object from one level to another (includes upward pulling) (Occasionally)
Carrying: Transporting an object, usually holding it in the hands or arms, or on the shoulder (Occasionally)
Pushing: Exerting force upon an object so that the object moves away from the force (Occasionally)
Pulling: Exerting force upon an object so that the object moves toward the force (includes jerking) (Occasionally)
Climbing: Ladders, Stairs (Occasionally)
Balancing: Maintaining body equilibrium to prevent falling (Occasionally)
Stooping: Bending the body downward and forward by bending the spine at the waist (Occasionally)
Kneeling: Bending the legs at the knees to come to rest on the knee or knees (Occasionally)
Crouching: Bending the body downward and forward by bending the legs and spine (Occasionally)
Crawling: Moving about on the hands and arms in any direction (Occasionally)
Reaching: Extending hands and arms in any direction (Constantly)
Handling: Seizing, holding, grasping, turning or otherwise working with the hand or hands (Manual Dexterity) (Constantly)
Fingering: Picking, pinching or otherwise working with the fingers primarily (Finger Dexterity) (Constantly)
Feeling: Perceiving such attributes of objects/materials as size, shape, temperature, texture, movement or pulsation by receptors in the skin, particularly those of the finger tips (Constantly)
Talking: Expressing or exchanging ideas/information by means of the spoken word (Frequently)
Hearing: Perceiving the nature of sound by the ear (Frequently)
Tasting/Smelling: (Occasionally)
Near Vision: Clarity of vision at 20 inches or less (Constantly)
Far Vision: Clarity of vision at 20 feet or more (Frequently)
Depth Perception: Three-dimensional vision; ability to judge distances and spatial relationships so as to see objects where and as they actually are (Frequently)
Vision: Color - The ability to identify and distinguish colors (Constantly)
Working Conditions/Environment
Employee is subject to inside environmental conditions
Working Conditions
Well lighted, climate controlled areas (Constantly)
Frequent repetitive motion (Constantly)
CRT (Computer Monitor(s)) (Constantly)
Travel
Travel in and around plant and office facilities and around job sites out-of-doors.
Driving
Based on assigned tasks, employee may be assigned a company vehicle requiring the applicable driver's license
ONEOK is an equal opportunity employer committed to diversity and inclusion. All qualified applicants will receive consideration for employment without regard to race, color, sex, pregnancy, sexual orientation, age, religion, creed, national origin, gender identity, disability, military/veteran status, genetic information or any other categories protected by applicable law.
The job description is not intended to be a complete list of all responsibilities, duties or skills required for the job and is subject to review and change at any time, with or without notice, in accordance with the needs of ONEOK.
ONEOK is committed to making our workplace accessible to individuals with disabilities and will provide reasonable accommodations, upon request, for individuals to participate in the application and hiring process. To request an accommodation email HRSolutions@ONEOK.com or call 1-855-663-6547.
Expected Salary Range
$98,000.00 - $148,000.00