Senior Cybersecurity Engineer, OT Cybersecurity

Senior Cybersecurity Engineer, OT Cybersecurity page is loaded## Senior Cybersecurity Engineer, OT Cybersecuritylocations:
San Antonio, Texas:
Houston TX One Allen Center time type:
Full time posted on:
Posted Todaytime left to apply:
End Date:
January 12, 2026 (2 days left to apply) job requisition :
#
** An exciting career awaits you
** At MPC, we’re committed to being a great place to work – one that welcomes new ideas, encourages diverse perspectives, develops our people, and fosters a collaborative team environment.# Position Summary The Senior Cybersecurity Engineer, OT Cybersecurity plays a critical role in safeguarding Marathon Petroleum Corporation’s digital and operational assets across enterprise IT and industrial control systems (ICS/OT). This position is responsible for the use, maintenance, and enhancement of the Dragos platform optimizing threat and vulnerability management to identify, analyze, and respond to emerging cyber threats targeting both business and field operations, including refineries, pipelines, terminals, and remote industrial facilities.

Working as part of the Cyber Threat and Vulnerability Management team within the Cyber Fusion Center, the engineer will ensure the proper operation and use of the Dragos platform and associated field equipment across the OT enterprise environment allowing for the enhancement of TVM processes within the OT environment. The role requires close coordination with internal teams including threat hunting, incident response, threat intelligence, and infrastructure to ensure alignment between detection strategy, risk posture, and operational resiliency.

The ideal candidate is technically proficient, collaborative, and mission-driven, with a strong understanding of IT/OT security principles and a passion for protecting critical infrastructure within the energy sector.#

Key Responsibilities
* Conducts detailed analyses on changes to cybersecurity solutions and its relationship to internal and external systems to assess business impact and cybersecurity risk. Resolves complex multi-functional technical issues.
* Leverages cybersecurity assessments, standards and ensures compliance across security systems.
* Improves the efficiency and effectiveness of Security solutions, processes and controls in place.
* Analyzes existing processes and procedures and leads efforts for implementing improvements or remediation.
* Responsible for development and submission of Standard Operating Procedures.
* Analyzes business impacting events, performs initial investigation. Monitors networks, systems, and applications for signs of potential cybersecurity incidents.
* Investigates and analyzes the nature and scope of cyber incidents. Assists in the development of innovative and creative ideas to formulate risk mitigation and remediation plans and approaches to ensure regulatory compliance.
* Leads implementation of global security initiatives, policies, and compliance requirements. Collects and validates all security metrics and any remediation efforts associated with them.
* Manages cyber security-related consulting, guidance, and support to customers and stakeholders.
* Translates security principles to assist configuration teams with incorporating security into build and configuration processes.
* Monitors emerging IT/OT and cybersecurity technologies as well as their impact on the security landscape.#

Education and Experience
* Bachelor’s Degree in Information Technology, related field or equivalent experience.
* Professional certification, e.g. Security+, Network+, OSCP, GIAC, CEH preferred.
* 5+ years of relevant experience required
* Dragos Platform Certified User Certification required.
* Dragos ICS/OT Cybersecurity Training Certification required.
* ICS/OT Cybersecurity certifications such as GCISP and GRID preferred.# Skills
* ** Authentic Communicator** - Expresses ideas and information, both verbally and in writing, clearly and credibly. Listens to understand and fosters constructive dialogue.
* ** Cybersecurity Risk Management** - The process of developing cyber risk assessment and treatment techniques that can effectively pre-empt and identify significant security loopholes and weaknesses, demonstrating the business risks associated with these loopholes and providing risk treatment and prioritization strategies to effectively address the cyber-related risks, threats and vulnerabilities, ensuring appropriate levels of protection, confidentiality, integrity and privacy in alignment with the security framework.
* ** General Programming** - Applies a computer language to communicate with computers using a set of instructions and to automate the execution of tasks.
* ** Intrusion Detection**
* ** Penetration Testing** - The practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Penetration testing can be automated with software applications or performed manually.
* ** Relationship Management** - Relationship…