IT Audit & Governance Advisor; Dallas or Houston, TX

IT Audit & Governance Advisor (Dallas or Houston, TX)

Join to apply for the IT Audit & Governance Advisor (Dallas or Houston, TX) role at Oxy Chemical Corp

Contribute. Grow. Lead…with Oxy Chem. Looking for a challenge? Desire to achieve your true potential? Oxy Chem is a growing, action‑oriented, safety‑driven chemical manufacturing company continually striving to be best in the business while staying focused on environmental protection. The secret to our success has and will continue to be our people.

Oxy Chem, a Berkshire Hathaway company, is a leading producer of essential chemistry with operations in the U.S., Canada and Latin America. Its products support critical applications in water treatment, pharmaceuticals, healthcare, manufacturing, automotive, personal hygiene, and residential and commercial construction. Oxy Chem actively participates in the Occupational Safety and Health Administration Voluntary Protection Program, underscoring its commitment to safety. Headquartered in Dallas, Texas, Oxy Chem is a top‑three U.S. manufacturer of polyvinyl chloride, chlor‑alkali and chlorinated organic chemicals, and calcium chloride.

In a fast‑paced industry that demands precision, we create a supportive workplace where the safety and well‑being of our employees are paramount. We are committed to rewarding top performers, offering very competitive pay and benefits, and providing tremendous career development opportunities.

We are seeking an experienced IT Auditor to evaluate and enhance the effectiveness of IT controls, security measures, and compliance with regulatory requirements. This role combines IT audit responsibilities with strategic advisory functions, working closely with external and internal teams to identify and manage operational and technology risks. You will provide actionable recommendations, strengthen governance practices, and help shape the organization’s IT risk posture.

• Plan and scope IT compliance audits, defining objectives and selecting systems or processes for review.
• Evaluate IT governance and controls, including access management, change control, backup procedures, and cybersecurity measures.
• Perform audit and compliance testing, collect evidence, and validate control effectiveness.
• Assess compliance with frameworks such as NIST, ISO 27001, COBIT, and regulatory standards (SOX, GDPR, HIPAA, MTSA).
• Document audit findings and prepare clear, actionable reports for management.
• Recommend remediation strategies and monitor corrective actions.
• Collaborate with IT teams and business units to strengthen governance and risk management practices and IT controls.

• Strong understanding of IT and OT systems, networks, and databases. Familiarity with cybersecurity principles, encryption, and access control mechanisms. Knowledge of frameworks such as NIST and ISO 27001. Proficiency with audit and data‑analysis tools; scripting experience is a plus.
• Ability to assess IT risks and align controls with business objectives. Working knowledge of regulatory requirements (MTSA, SOX, GDPR, HIPAA) and compliance auditing practices.
• Strong critical thinking and attention to detail for identifying control gaps and vulnerabilities. Capability to interpret complex technical environments and recommend practical solutions.
• Excellent written and verbal communication skills for translating technical findings into clear reports. Strong interpersonal skills to collaborate with IT teams, business units, and auditors. High ethical standards and professional skepticism to maintain independence and objectivity.

• Bachelor’s degree in Management Information Systems, Computer Science, Information Security, Risk Management, or related field.
• 5+ years in IT Audit, Cybersecurity, or GRC roles.
• Experience with frameworks like ISO 27001 and NIST 2.0.
• Proven experience in cybersecurity awareness program design and delivery.
• Strong analytical and problem‑solving abilities.
• Excellent communication and stakeholder management skills.
• Hands‑on experience with GRC tools (e.g., RSA Archer, Service Now, Audit Board).
• Familiarity with OT network infrastructure, SCADA/DCS systems, and…