GRC Analyst, Senior

At H&P our people are our strength.

Since 1920Helmerich and Paynehas been the industrys most trusted partner in drillingproductivity and reliability. As the world changes so does our approach. We are changing the landscape of drilling by using cutting-edge rig technologies and drilling solutions to build upon a century ofsuccess all while continuing to deliver better outcomes for our customers.

At H&P our people are our strength. We strive to continually lead with our Core Values that enable employees to develop on their H&P Journey. We believe that doing the right thing means creating a more diverse equitable and inclusive workplace that empowers our people to bring their authentic selves to work every day.

Some companies offer career paths. We offer a Journey of a Lifetime. Lets go far together.

Hear directly from our employees and leaders about theirunique journeys at Helmerich and Payne.

At a Glance:

The Governance Risk and Compliance Analyst Senior is a representative for H&P on all aspects of IT risk and IT audit compliance activities. This position will interface regularly with key stakeholders across the company to obtain remediation plans for risks and audit activities track those remediation plans gather evidence that the activities were completed successfully and update IT Risk management metrics and KPIs.

Location: Tulsa OK

Work Type: Hybrid

#LI-Hybrid

What you will do:

• Provide continuous assessment and analysis of trends relating to risk internal and external threats control gaps and unauthorized exposure of company assets to leadership. Meet with stakeholders to inform them of issues assess appropriate mitigation and /or remediation activities and track the agreed upon progress of those activities
• Monitor industry regulatory environment and closely related or connected industries for changes and impacts that may affect H&Ps IT Cybersecurity and Data Governance efforts. Assess the associated risks for the organization and provide timely recommendations and reporting
• Provide direct support as required for IT and Cybersecurity related compliance efforts to ensure a culture of continuous improvement and the ability to meet H&Ps compliance requirements
• Perform third-party risk assessments of our partners vendors and contractors
• Coordinate organizational responses to standardized assurance questionnaires on behalf of our customers and partners
• Ensure all Cybersecurity programs and activities to include but not limited to Cyber Incident Response Cyber Risk Management Threat Management Patch and Vulnerability Management etc. meet or exceed best practice standards as outlined in IADC guidelines and standards IEC 62443 NIST Cybersecurity Framework (CSF) NIST SP 800-53 and other related or applicable documentation
• Work directly with Cybersecurity management in the development tracking and reporting of Cybersecurity metrics and KPIs for IT Risk operational concerns operational and risk tracking for management and risk trending for Executive Leadership
• Work with management to develop and maintain policies to define governance for both information technology (IT) and operational technology (OT) assets.
• Experience with technical writing documenting IT and OT processes within policies and standard operating procedures.
• Leverage metrics and KPIs to provide leadership and cross-functional teams with actionable recommendations for improvements to systems processes and / or procedures that will reduce overall enterprise risk associated with computing or networking systems; and continue to drive overall behavioral changes that result in a cyber aware culture at H&P
• Assist as necessary in the development maintenance and oversight of Cybersecurity related policies procedures standards and associated documentation
• Demonstrate the H&P Company Values: Actively C.A.R.E. Service Attitude Innovative Spirit and Teamwork

What you will need:

• Bachelors Degree in Computer Science MIS Cybersecurity or Information Assurance or equivalent- required
• Minimum of 3 years of experience in auditing risk management oversight and reporting or related activities. Preferably in IT or other technical spaces
• Experience and knowledge of common regulatory and risk related frameworks such as NIST CSF NIST SP 800-171 NIST SP 800-39 ISO27001/2 SOX COBIT ITIL CIS IEC 62443 etc.
• Experience performing or directly supporting risk assessments (internal and external) threat and vulnerability assessments and related activities
• Working knowledge of operating systems (Windows Linux OSX etc.) business applications logging virtualization technologies; and related server networking and workstation protocols and security issues
• Proven ability to gather and analyze IT Risk data and provide guidance in acceptable remediation activities
• Experience working within teams and with external (corporate and third-party) groups preferably within an IT operations environment
• Highly motivated self-starting individual with ability to multi-task and manage to timelines with limited supervision in a fast paced and agile environment
• Proven strong oral and written communication / presentation skills to a broad range of employees. Ability to clearly communicate and articulate technical details to IT and Engineering personnel but also simplify explanations for non-technical individuals and executives
• Strong interpersonal skills that establish and sustain close working relationships with functional teams and subject matter experts both internal and external to IT

What we offer:

At H&P our commitment to our people is at the forefront and that includes benefits that provide employees a sense of health and financial security. We know that life continues outside of employment and actively caring of our people is our priority.

• Flexible Spending or Health Savings Accounts
• 401k match
• Paid Leave Plans
• Parental & Adoption Benefits
• Disability Coverage
• Employee Assistance Program
• Educational Assistance
• Learning & Development Opportunities
• Flex-scheduling available for qualifying positions to achieve work-life integration
• Comprehensive medical dental vision and life insurance

The job level and associated compensation for this position will be determined based on the candidates experience qualifications and alignment with the roles requirements. Final compensation for this role may vary depending on individual factors.

H&P is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race color religion sex national origin age sexual orientation gender identity gender expression veteran status or disability.

Thank you for your interest in joining our team!