Cybersecurity Operations Manager

Job Summary:

The Cybersecurity Operations Manager will lead Western Midstream’s cybersecurity operations program, ensuring IT and OT systems are secure. This role is responsible for developing and executing security strategies, managing a team of cybersecurity professionals, and implementing technologies that protect critical infrastructure.  This role requires expansive technical knowledge and experience with enterprise security technologies, as well as robust communications and interpersonal skills.

*The Cybersecurity Manager will work across several areas of responsibility:

Strategic Leadership:

• Lead and mentor staff, fostering a culture of security awareness and continuous improvement
• Develop and maintain the WES’s cybersecurity roadmap aligned with business objectives and regulatory requirements (e.g., TSA Security Directives, SOX)
• Oversee operational processes and report cybersecurity posture to senior leadership
• Management of MSSP resources and relationship(s)
• Direct day-to-day security operations, including monitoring, incident response, and vulnerability management across IT and OT environments
• Align activities with industry frameworks such as NIST CSF, ISO/IEC, and C2M2

Technology Oversight:

• Drive secure-by-design principles for new technology deployments
• Monitoring & optimization of core security technologies:

• • Network & Endpoint Security
  • Identity & Access Management
  • Cloud Security
  • Data Protection & Backup
  • System Monitoring & Automation
  • SIEM & Threat Detection
  • Vulnerability Management

Risk Management & Compliance:

• Conduct technical risk assessments, pen-tests, & vulnerability scans
• Contribute to risk register and manage technical remediations

Skills & Competencies:

• Strong understanding of cybersecurity principles and techniques used to secure networks, identities, servers, services, & endpoints
• Ability to assess complex security challenges and develop cost-effective mitigation strategies
• Strong written and verbal skills for reporting, presenting, and influencing stakeholders
• Skilled in handling incidents under pressure and making sound decisions quickly
• Ability to manage multiple initiatives, prioritize tasks, and deliver results on time
• Ability to work collaboratively with IT / OT system admins, compliance stakeholders, and business departments

Qualifications:

• 5+ years of relevant cybersecurity leadership experience
• Bachelor's degree in Cybersecurity, Computer Science, Information Technology, Engineering, or similar technical field of study
• Expertise in IT/OT security integration within the energy or midstream sector
• Demonstrated knowledge of expertise in cybersecurity operations, including SOC/MSSP engagement, Incident Response, SIEM & EDR configuration, Vulnerability Management, etc.
• Familiarity with regulatory frameworks and TSA cybersecurity directives
• Experience managing small teams and interacting with business partners
• Oil and Gas industry experience required

Travel Requirements:

• Minimum travel of 5-10% may be required.

Work Schedule:

• This position will work 9 hours Monday – Thursday and 4 hours on Friday. The position will work a hybrid schedule. Some flexibility to work off-hours maintenance as required.