IT Advisor - Governance & Compliance; Dallas or Houston, TX

Contribute. Grow. Lead...with Oxy Chem. Looking for a challenge? Desire to achieve your true potential? Oxy Chem is a growing, action-oriented, safety driven chemical manufacturing company continually striving to be the best in the business while staying focused on environmental protection. The secret to our success has and will continue to be our people.

Occidental Chemical Corporation (Oxy Chem) is a leading North American manufacturer of polyvinyl chloride (PVC) resins, chlorine and caustic soda - key building blocks for a variety of indispensable products such as plastics, pharmaceuticals and water treatment chemicals. Other Oxy Chem products include caustic potash, chlorinated organics, sodium silicates, chlorinated isocyanurates and calcium chloride. Oxy Chem's market position is among the top three producers in the United States for the principal products it manufactures and markets.

Based in Dallas, Texas, the company has manufacturing facilities in the U.S., Canada and Latin America.

In a fast-paced industry that demands precision, we create a supportive workplace where the safety and well-being of our employees are paramount. We are committed to rewarding top performers, offering very competitive pay and benefits, and providing tremendous career development opportunities.

We are seeking a Cybersecurity Analyst who will play a dual role in strengthening our organization's cybersecurity posture. This position combines Governance, Risk, and Compliance (GRC) responsibilities with leadership in cybersecurity awareness and cultural change initiatives. You will collaborate across IT and business units to ensure regulatory compliance, mitigate risks, and foster a strong security culture through engaging awareness programs.

• Implement governance and risk frameworks, manage IT controls, and support security audits and assessments.
• Conduct IT and business risk assessments; maintain risk registers aligned with frameworks such as NIST and ISO 27001.
• Manage corrective action plans identified in risk assessments through closure.
• Ensure compliance with regulatory requirements (e.g., MTSA, GDPR) and maintain audit readiness.
• Review cybersecurity clauses in contracts, exceptions requests, and mitigating controls.
• Develop and monitor cybersecurity KRIs and KPIs; report risk and compliance metrics to leadership.
• Support policy creation, updates, and governance initiatives to align IT security with business objectives.
• Design and manage a comprehensive Cybersecurity Awareness Program, including phishing simulations and targeted training for high-risk roles.

• Monitor Cyber Threat Intelligence sources (CISA, FBI, etc.) and propose innovative risk mitigation strategies.
• Coordinate cybersecurity assessments (maturity, risk, penetration testing).
• Maintain relationships with third‑party risk assessment providers and ensure service levels.
• Collaborate with system engineers to implement security controls and patches.

• Bachelor's degree in Management Information Systems, Computer Science, Information Security, Risk Management, or related field.
• 4-5+ years in Information Security, Cybersecurity, or GRC roles.
• Experience with frameworks like ISO 27001 and NIST 2.0.
• Proven experience in cybersecurity awareness program design and delivery.
• Strong analytical and problem‑solving abilities.
• Excellent communication and stakeholder management skills.
• Hands‑on experience with GRC tools (e.g., RSA Archer, Service Now, Audit Board).
• Knowledge of adult learning principles and e-learning platforms.
• Familiarity with OT network infrastructure, SCADA/DCS systems, and security integration into SDLC.

• Knowledge of third‑party risk management and vendor compliance.
• Experience in IT auditing and identity/access management.

• CISSP, CISM, CISA, or equivalent.
• GRC-related certifications (e.g., ISACA CRISC).

It has come to our attention various individuals and/or organizations are contacting people falsely pretending to recruit on behalf of Oxy. Please be aware that these recruiting scams and communications do…