The Senior IT Cybersecurity Engineer is responsible for the technical design of IT cybersecurity architectural guidelines and standards, as well as the secure implementation of IT digital technologies across platforms and product lines in Chevron. The primary responsibility is to assure IT solutions are "secure by design", with a high focus on delivering secure AI applications and digital capabilities.

Key responsibilities:

Responsibilities include but are not limited to:

• Enable digital transformation by ensuring secure-by-design principles are incorporated in the IT digital capabilities across the enterprise.
• Serve as a subject matter expert in AI security domain of Cybersecurity.
• Prepare AI security research proposals and proofs of concept for emerging technologies
• Define cybersecurity architectures for AI applications and solutions
• Create SOPs and Checklists for AI assessments.

Required Qualifications:

• Minimum 9 years related work experience in cybersecurity with increasing levels of responsibility.
• 2 years of experience in AI security with end-to-end assessment of AI applications along with security of related components.
• Specialized AI and machine learning knowledge, emphasizing secure development, threat detection for AI systems, and compliance with emerging AI regulations.

• A strong understanding of machine learning algorithms, LLM Models, neural networks, deep learning, and frameworks/libraries

• Familiarity with deploying and securing AI systems on major cloud platforms ( Azure, Google Cloud).
• Technical experience in one or more cybersecurity domains i.e. Cloud Security, Application Security, Data Security, and Identity and Access Management.
• General understanding of the cyber threat landscape

Cybersecurity Implementation Expertise

• OWASP Top 10 for LLMs : Strong understanding of the OWASP Top 10 for LLMs and mitigation strategies. Enforce secure LLM practices across development teams through training, code reviews, and automated checks.
• Ensure that AI systems comply with relevant global AI laws, data privacy regulations (like GDPR), and industry standards (such as the NIST AI Risk Management Framework).
• Work with data science, engineering, and legal teams to integrate security best practices into the AI development lifecycle and address legal and ethical concerns (e.g., bias, transparency).
• Secure SDLC Integration: Deep experience embedding security into every phase of the Software Development Lifecycle (SDLC)-from requirements gathering to deployment-ensuring compliance with organizational and regulatory standards.
• Threat Modeling & Attack Surface Analysis: Conduct threat modeling sessions during design phases using frameworks like STRIDE and DFDs. Perform attack surface analysis to identify potential entry points and recommend design-level mitigations.

Preferred Qualifications:

Preferred Education

• Bachelor's degree or master's degree in Cybersecurity, Information Technology, Information Systems, or Computer Science
• Certifications in IT Cybersecurity are highly preferred (e.g., GISP, GREM, ISSEP, OSCP or other similar certification)

Default Terms and Conditions

We respect the privacy of candidates for employment. This Privacy Notice sets forth how we will use the information we obtain when you apply for a position through this career site. If you do not consent to the terms of this Privacy Notice, please do not submit information to us.

Please access the Global Application Statements , select the country where you are applying for employment. By applying, you acknowledge that you have read and agree to the country specific statement.

Terms of Use