Oversee the integration and management of advanced security technologies and platforms, including SIEM, SOAR, EASM, vulnerability management, threat intelligence feeds, and endpoint and network security logs to enable comprehensive threat detection and response, and defensive posture assessment.
Guide and oversee the enterprise IT and cybersecurity governance frameworks that guide secure technology operations across the organization, collaborating with IT and business units to integrate security requirements into digital systems.
Oversee enterprise-wide technology risk management processes, including internal and external cyber risk assessments, M&A ventures, and mitigation planning to protect critical systems and data.
Lead the design and continuous improvement of cybersecurity processes and workflows, ensuring efficient coordination across threat hunting, monitoring, vulnerability management, and incident response teams within the CFC; and across governance, risk, and compliance within the GRC function.
Serves as the enterprise Cybersecurity Incident Commander and ensures real-time threat detection, analysis, and rapid incident response capabilities, establishing 24/7 operations, playbooks, and automated response mechanisms to minimize operational impacts in the event of an incident.
Drive compliance, governance, and reporting frameworks, monitoring risk posture and maintaining audit readiness, metrics, and executive and regulatory reporting to demonstrate effectiveness, maturity, and continuous improvement of cyber capabilities.
Education and Experience:
Bachelor's degree in Computer Science, Information T
Additional Information
An exciting career awaits you
At MPC, we're committed to being a great place to work - one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment.
Position Summary:
The Cybersecurity Director is accountable for leading the organization's cybersecurity strategy, operations, and governance programs to protect critical systems, data, and business operations. This role provides senior leadership across cyber defense, governance, risk, and compliance functions, with responsibility for aligning cybersecurity monitoring, detection and response, vulnerability management, threat intelligence, technology governance, compliance, and risk management to enterprise objectives and regulatory requirements. The incumbent partners closely with senior leaders, IT, and business stakeholders to enable secure, resilient, and effective technology operations.
This position leads people leaders and specialized teams within the Cyber Fusion Center and Governance, Risk, and Compliance (GRC) functions, with accountability for talent development, performance management, succession planning, and continuous improvement of cybersecurity and GRC capabilities. The Cybersecurity Director also serves as the enterprise Cybersecurity Incident Commander, ensuring 24/7 response readiness, effective incident management, and coordinated engagement across IT, legal, audit, emergency preparedness, risk, and business teams. Additionally, the role is responsible for maintaining risk, compliance, and governance reporting, audit readiness, and executive visibility into the maturity and effectiveness of the cybersecurity program.
Accountable for business results primarily achieved through the work of others. Manages staff, sets direction, and deploys resources. Has responsibility for employee development, performance reviews, pay reviews, and staffing decisions. Accountable for business, functional or operational areas, processes, or programs.
Marathon Petroleum · San Antonio, TX