Lead and manage the organization's information security program, including security governance, policies, standards, and procedures
Develop, maintain, and enforce security controls and practices to support compliance with organizational requirements and applicable regulatory frameworks
Identify, assess, and manage cybersecurity risk across enterprise systems, applications, data, cloud platforms, and identity environments
Oversee cybersecurity governance for operational technology environments, including industrial control systems, field-connected assets, edge devices, and supporting network infrastructure
Assess and manage cyber risk related to OT/ICS systems, remote connectivity, third-party operational vendors, and emerging field technologies
Oversee security monitoring across enterprise systems, networks, cloud platforms, and operational environments for threats, vulnerabilities, and suspicious activity
Lead incident response coordination for enterprise and OT/ICS security events, including investigation, containment, remediation, recovery, and escalation with external monitoring and response partners
Oversee identity and access security controls, including role-based access, provisioning governance, and periodic access reviews
Ensure ongoing compliance with cybersecurity frameworks and regulatory requirements (e.g., SOX, NIST, CIS, SOC)
Oversee IT general controls (ITGC) relevant to security and compliance, including access management, change control, privileged access, and evidence readiness for internal and external audit
Lead internal and external security audits, including control documentation, evidence preparation, remediation tracking, and follow-up on findings
Support governance and risk review for AI tools, automation, and connected technologies that access sensitive data or interact with operational environments
Oversee third-party security risk management, including vendor assessments, contract security requirements, and cybersecurity expectations for operational and field-connected service providers
Develop and deliver security awareness and training programs for employees
Provide regular reporting to leadership on security risks, incidents, control gaps, and program effectiveness
Stay current with emerging threats, technologies, and industry best practices
Maintain compliance with Health, Safety, and Environmental (HSE) policies by attending all required HSE training sessions, safety meetings, and using proper Personal Protective Equipment (PPE)
Perform other duties as assigned
Job Qualifications
Bachelor's degree in Information Security, Computer Science, Information Systems, or related field preferred
5+ years of experience in cybersecurity, information security, or IT risk management
2+ years of experience in a leadership or supervisory role preferred
Strong knowledge of cybersecurity concepts, including risk management, threat detection, and incident response
Experience with security frameworks and compliance standards (e.g., SOX, NIST, CIS, SOC)
Experience managing security tools such as SIEM, endpoint protection, identity and access management systems
Strong understanding of network security, cloud environments (e.g., Azure), and enterprise systems
Proven ability to lead cross-functional initiatives and manage security programs
Strong analytical, problem-solving, and decision-making skills
Excellent communication skills with the ability to translate technical risks to business stakeholders
ProPetro is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.
Benefits
Health insuranceVision insuranceRemote work options
Additional Information
CURRENT EMPLOYEES - Please apply using "Jobs Hub" in Workday. This career site is for external applicants only.
Job Description:
The Information Security Manager is responsible for leading and managing ProPetro's information security program across both enterprise IT and operational technology environments. This role ensures the protection of company data, systems, infrastructure, industrial control systems, and connected edge technologies by establishing and enforcing security policies, managing risk, and maintaining compliance with regulatory and internal standards. The position partners closely with IT leadership, business leadership, and external stakeholders to identify risks, respond to incidents, and strengthen the organization's overall security posture across corporate, field, and AI-enabled environments.
Propetro · Midland, TX