• World’s largest independent upstream oil and gas business
• SPIRIT values - Safety People Integrity Responsibility Innovation Teamwork
• Operations in 13 countries

ConocoPhillips is looking to hire a Jr. L48 Vulnerability Management Analyst. 

Key Responsibilities: 

• Support the team in developing and maintaining vulnerability management policies, procedures, and workflows.
• Contribute to vulnerability assessment reports for assigned Business Unit.
• Collaborate closely with digital technology teams to understand their workflows, priorities, and constraints related to vulnerability remediation.
• Develop clear and concise communication plans to inform end users about upcoming remediation activities, including expected impacts, timelines, and actions required.
• Identify and distinguish Business Unit assets from Corporate assets within the Tenable system.
• Utilize Tenable to drive remediation plans and to identify weaknesses such as missing patches, misconfigurations, and other security vulnerabilities.
• Analyze scan results generated by Tenable to prioritize vulnerabilities based on severity, potential impact, and exploitability.
• Adhere to Service Level Agreements (SLAs) and Key Performance Indicators (KPIs).
• Develop clear and comprehensive standard operating procedures and corresponding documentation in flowchart and other standard Microsoft documents.
• Provide weekly status summarizing progress and key findings.
• Stay informed about emerging security threats and vulnerability trend.

Required Skills and Experience 

• Knowledge of vulnerability assessment tools and techniques
• Familiarity with common security vulnerabilities and mitigation strategies
• Basic understanding of information security concepts and common vulnerabilities
• Strong analytical, critical thinking and problem-solving skills
• Excellent coordination and communication skills, with the ability to effectively liaise with cross-functional teams and stakeholders
• Knowledge of Windows and Linux operating systems
• Eagerness to learn and grow in the field of cybersecurity 

Preferred Skills and Experience 

• Familiarity with vulnerability management tools, e.g. Tenable and processes 
• Relevant security certifications such as CISSP, CISM, or CEH 
• Familiarity with ServiceNow Vulnerability Response, including experience leveraging the platform for incident response, ticketing, and asset management within security context. 
• Understanding of regulatory compliance requirements and/or frameworks related to cyber security, e.g. GDPR, HIPAA, PCI DSS, NIST CSF 

ConocoPhillips contract opportunities are for project-based or other short-term engagements that require specialized skills. Successful candidates for contract opportunities will not be considered employees of ConocoPhillips or any of its subsidiaries nor will candidates be eligible for employment benefits. Candidates looking for regular full-time employment opportunities should begin their search here: https://careers.conocophillips.com/