Staffing Agency Houston - Contract & Direct Hire
  • Call us: (713) 361-1270
  • Email

IT Security Risk Management Consultant

IT Security Risk Management Consultant

Working in the nxtgenERP Security, Controls and GRC team, we establish a single view of risk and controls across the functions, leveraging our guiding principles to drive an integrated solution for nxtgenERP program and sustainability. We are changing many of our processes with the new systems. This is an opportunity to influence the way the company will do its work for decades to come and ensure that our nxtgenERP applications are managed securely.

We are seeking a skilled and motivated advisor to evaluate IT General Controls (ITGCs), consult on risks and remediation, assist with the completion of risk assessments, and managing exceptions. The ideal candidate will exhibit strategic thinking coupled with hands-on execution. They will be accountable for coordinating and/or executing, as a part of a team, controls in IT applications. This will help upholding compliance with ConocoPhillips security policies and expectations. Requires a background in IT Audit or IT Security Risk Management.

This position is preferred to be based in Bartlesville, Oklahoma or Houston, Texas, but could be remote.

• Collaborate closely with IT application support, architecture, and security teams to understand security control requirements and ensure they are effectively implemented.
• Establish clear communication channels with key stakeholders, including application owners, application analysts, and other stakeholders.
• Analyze and recommend process improvements to implement effective and sustainable IT controls.
• Coordinate the closure of any security gaps and ensure the implementation of effective mitigating controls.
• Coordinate and work effectively with internal and external auditors to help application teams respond accurately to audits.
• Coordinate the submission of new IT Risk Assessments and track the future renewals through the end of the program.
• Assist with the creation of mitigating controls and any IT policy exceptions required. And track the renewals of exceptions through the end of the program.
• Provide coordination support during the go-live phase to address any security-related issues promptly.
• Understand and interpret the Anchored Agility principles followed for nxtgenERP implementation across all phases of the project.
• Develop a comprehensive plan outlining tasks, timelines, resources, and milestones.
• Maintain accurate controls documentation, including plans, status reports, and issue logs.
• Monitor security and controls gaps to resolution.
• Willingness to take on new tasks related to the SCG team needs as conditions change.
• Prioritize effectively across competing priorities.
• Generate regular progress reports and key metrics for stakeholders and senior management.

• Bachelor’s degree or higher in Business, Technology, or another related field from an accredited college/university or at least five years of related work experience.
• Excellent communication and interpersonal skills to effectively collaborate with cross-functional teams.
• Ability to manage multiple tasks and priorities in a dynamic environment.
• Proven experience securely managing applications.
• Strong understanding of security best practices, application security, and governance around applications.
• Relevant experience implementing and/or auditing modern ERP packages (SAP, Oracle, Workday)
• Familiarity with SOX controls
• Ability to apply consultative skills in a business environment.
• Experience influencing across different organizations, time zones, fields, geographies, and leadership/staff levels.
• Experience working with auditors and responding to audits (internal and/or external)
• Willingness and ability to learn new concepts and business practices.
• Willingness to travel to any BU as required (approximately 10%)
• Strict ethics adherence and respect for confidentiality
• CISA or other similar certifications are a plus

This listing has expired.