Manager, Cybersecurity - Protect

Responsibilities

• Lead and mentor a team of security analysts responsible for protective controls across IT and OT environments, providing guidance, feedback, coaching, and career development.
• Own the enterprise vulnerability management program end-to-end: discovery, prioritization (risk- and exploitability-based), remediation coordination with IT and OT asset owners, exception management, and reporting on SLA performance and risk reduction over time.
• Direct the patch management strategy in partnership with IT Operations and OT Engineering, ensuring timely deployment of security updates while respecting operational constraints in refinery environments.
• Manage the email security stack, including Microsoft Defender for Office 365 and Abnormal Security, tuning policies, evaluating efficacy, and reducing phishing and business email compromise exposure. Partner with the security awareness program to close the human layer of email risk.
• Own firewall, network segmentation, and zero-trust architecture programs, including policy lifecycle management, rule review and recertification, micro-segmentation initiatives, and IT/OT boundary protections aligned to ISA/IEC 62443.
• Oversee endpoint and server hardening programs, secure baseline configuration management, and protective controls within Microsoft Defender XDR and adjacent platforms.
• Design, implement, and continuously improve cloud security protective controls in Azure, including secure landing zones, posture management.
• Research and evaluate emerging protective technologies and techniques, providing recommendations for adoption, pilot, and integration with existing toolsets.
• Partner with the Detect/Respond function to translate threat intelligence and incident lessons learned into hardened controls, closed coverage gaps, and improved baselines.
• Collaborate with GRC, Internal Audit, IT, OT Engineering, Legal, and external partners to ensure protective controls satisfy regulatory, contractual, and organizational governance requirements (e.g., NIST CSF, NIST 800-53, ISA/IEC 62443, MTSA).
• Manage protective security projects and initiatives, ensuring timely delivery, quality outcomes, and measurable risk reduction.
• Experience and Qualifications:
• Required Education and Experience:
• Bachelor's or advanced degree in Computer Science, Information Technology, Cybersecurity, or a related field. Pertinent professional experience may substitute for the education requirement on a year-for-year basis.
• 11+ years of experience in IT security with significant depth in

Benefits

Additional Information

At Motiva, our employees' energy, passion, and dedication to excellence are what make us who we are and what allows us to generate energy that makes a house a home, gets us from point A to point B, and enables our health and wellbeing. We invest in every aspect of our employees' lives because, at Motiva, our people matter. Headquartered in Houston, Texas, Motiva refines, distributes and markets petroleum products throughout the Americas. The company's Port Arthur Manufacturing Complex in Port Arthur, TX, is comprised of North America's largest refinery with a total throughput of 720,000 barrels per day, the world's second largest base oil plant, and an integrated chemical plant. Under exclusive long-term brand licenses with Shell and Phillips 66 (for the 76® brand), Motiva's commercial operations supply more than 12 billion gallons of fuel to customers annually. Motiva is wholly owned by Aramco, one of the world's largest integrated energy and chemicals companies. Position Overview: The Cybersecurity Manager - Protect leads the team responsible for designing, implementing, and continuously improving the preventive security controls that safeguard the company's IT and OT systems, data, and identities. Aligned to the NIST Cybersecurity Framework Protect function, this role owns the programs and technologies that reduce attack surface and stop threats before they require a response - vulnerability and patch management, identity and access management, data protection, email and web security, network segmentation, endpoint hardening, and secure configuration baselines across cloud and on-premises environments. The leader partners closely with the Detect/Respond, OT Cybersecurity, GRC, and IT Infrastructure teams to ensure preventive controls are measurable, sustainable, and aligned with the company's risk appetite. A core focus is maturing the organization's protective posture, growing the technical depth of the team, and delivering measurable reductions in exploitable risk. The position reports to the Chief Information Security Officer and collaborates closely with senior leaders across the enterprise.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at motiva? Share your experience