Sr. Manager - Cybersecurity and Identity Management
Expand Energy Corporation, Oklahoma City, OK, United States
Sr. Manager - Cybersecurity and Identity Management
Date:
Apr 10, 2026
Location:
Oklahoma City, OK, US, 73118Spring, TX, US, 77389
Company:
Expand Energy
Our core values - Stewardship, Character, Collaborate, Learn, Disrupt - are the lens through which we evaluate every business decision. As a dynamic, growing company that offers extremely competitive compensation and benefits, our employees are our most valued assets and the foundation of Expand's performance among our E&P competitors.
We seek applicants from all backgrounds to ensure we get the best, most creative talent on our team. We realize that, historically, underrepresented groups feel the need to be 100% qualified in order to apply. If you meet any combination of our requirements, we encourage you to apply. We strive to hire people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger.
Job Summary The Manager of Cybersecurity is responsible for overseeing cybersecurity processes that support the Company's enterprise technology environment, including corporate IT systems and Operational Technology (OT) environments that support field operations. Reporting to the Chief Information Officer, this role contributes to management's responsibilities for identifying, assessing, and managing material cybersecurity risks associated with information systems, digital platforms, and industrial control environments.
This position supports the Company's cybersecurity risk management strategy by overseeing cybersecurity and identity-related processes, integrating security considerations into technology operations, and supporting regulatory, audit, and disclosure obligations applicable to a publicly traded oil and gas enterprise.
Job Duties & Responsibilities Cybersecurity Risk Management & Strategy
Support the cybersecurity risk management processes by overseeing security and access-related practices across enterprise IT and OT environments
Provide risk-informed input to the CIO regarding cybersecurity considerations related to technology platforms, system architectures, and operational dependencies, including field operations
Understanding of AI and the governance required to manage the associated cybersecurity risk
Operational Technology Cybersecurity Oversight
Oversee cybersecurity practices relevant to OT environments, including supervisory control and data acquisition (SCADA) systems, and other operational platforms that interact with the physical environment
Coordinate with OT and operational stakeholders to integrate cybersecurity controls in a manner that considers performance, reliability, and safety requirements unique to industrial environments
Demonstrated ability to influence cross-functional teams of both IT and field operators to adopt security standards that meet the risk tolerance of the company
Support processes used to assess and manage cybersecurity risks in OT systems, including third-party connectivity, remote access, and system modernization initiatives, consistent with industry guidance for OT security
Identity & Access Management
Oversee identity and access management processes used to control access to enterprise and operational systems, including workforce, contractor, and third-party access
Support governance processes related to access provisioning, access review, and privileged access in both IT and OT environments
Coordinate with technology and operations teams to align identity-related controls with system availability and operational requirements while supporting cybersecurity risk management objectives
Governance & Management
Support management's role in cybersecurity governance by maintaining cybersecurity and access-related policies, standards, and procedures within the CIO organization
Collaborate with Enterprise Risk Management, Legal, and Internal Audit to align cybersecurity and identity practices with disclosed risk management and governance processes
Assist in preparing management inputs for cybersecurity-related governance forums and, as appropriate, board-level reporting
Cybersecurity Operations & Technology Alignment
Infrastructure and platform security, cloud and hybrid technology environments
Identity-enabled security controls and access governance
Vulnerability management and remediation coordination
Partner with Enterprise Architecture and IT leadership to align cybersecurity and identity practices with the Company's enterprise technology strategy
Compliance, Audit & Disclosure Support
Demonstrate an understanding of SOX controls and how to handle PII related data and other audit and regulatory requirements
Support internal and external audit activities related to cybersecurity and access controls, including systems relevant to financial reporting and regulated operations
Maintain documentation and artifacts supporting cybersecurity risk management, governance, and compliance activities
Assist in evaluating cybersecurity and access-related issues for potential risk impact and prioritization, including matters relevant to public-company disclosure considerations under SEC rules
Job Specific Skills Cybersecurity, OT & Identity Expertise
Broad knowledge of cybersecurity principles as applied to both enterprise IT and OT environments used in energy or critical infrastructure operations
Understanding of cybersecurity and access risks relating to system availability, integrity, confidentiality, and safety
Experience supporting identity and access management as a component of enterprise cybersecurity and operational risk management
Business & Communication Skills
Ability to communicate cybersecurity and access-related concepts in clear, factual, and business-relevant terms
Experience partnering with IT, OT, and business stakeholders in risk-informed decision-making
Demonstrated judgment operating in disclosure-sensitive environments
Industry & Regulatory Experience
Experience in large, complex enterprises; oil & gas, energy, or other critical-infrastructure environments strongly preferred
Familiarity with public-company cybersecurity governance, regulatory oversight, and compliance expectations
Organizational Leadership
Lead and develop personnel responsible for cybersecurity engineering, access governance, and operational support
Manage budgets and third-party resources supporting cybersecurity and identity capabilities within the CIO organization
Establish operational metrics to monitor effectiveness and maturity of cybersecurity and access-related processes over time
Education
Minimum: Bachelor's degree in Information Technology, Information Security, or a related field
Relevant professional certifications preferred (e.g., CISSP, CISM, CRISC).
Experience Minimum: 12 - 15 years related work experience
Expand Energy takes necessary action to ensure that all applicants are treated without regard to their race, color, religion, sex, sexual orientation, age, gender identity, national origin, genetic information, disability, pregnancy, military or veteran status or any other protected characteristic as established by law.
Expand Energy Corporation's operations are focused on discovering and developing its large and geographically diverse resource base of unconventional oil and natural gas assets onshore in the United States.
Nearest Major Market:
Oklahoma City
Nearest Secondary Market:
Oklahoma
Job Segment:
Compliance, Risk Management, IT Architecture, Information Technology, Internal Audit, Legal, Finance, Technology
Apr 10, 2026
Location:
Oklahoma City, OK, US, 73118Spring, TX, US, 77389
Company:
Expand Energy
Our core values - Stewardship, Character, Collaborate, Learn, Disrupt - are the lens through which we evaluate every business decision. As a dynamic, growing company that offers extremely competitive compensation and benefits, our employees are our most valued assets and the foundation of Expand's performance among our E&P competitors.
We seek applicants from all backgrounds to ensure we get the best, most creative talent on our team. We realize that, historically, underrepresented groups feel the need to be 100% qualified in order to apply. If you meet any combination of our requirements, we encourage you to apply. We strive to hire people from a wide variety of backgrounds, not just because it's the right thing to do, but because it makes our company stronger.
Job Summary The Manager of Cybersecurity is responsible for overseeing cybersecurity processes that support the Company's enterprise technology environment, including corporate IT systems and Operational Technology (OT) environments that support field operations. Reporting to the Chief Information Officer, this role contributes to management's responsibilities for identifying, assessing, and managing material cybersecurity risks associated with information systems, digital platforms, and industrial control environments.
This position supports the Company's cybersecurity risk management strategy by overseeing cybersecurity and identity-related processes, integrating security considerations into technology operations, and supporting regulatory, audit, and disclosure obligations applicable to a publicly traded oil and gas enterprise.
Job Duties & Responsibilities Cybersecurity Risk Management & Strategy
Support the cybersecurity risk management processes by overseeing security and access-related practices across enterprise IT and OT environments
Provide risk-informed input to the CIO regarding cybersecurity considerations related to technology platforms, system architectures, and operational dependencies, including field operations
Understanding of AI and the governance required to manage the associated cybersecurity risk
Operational Technology Cybersecurity Oversight
Oversee cybersecurity practices relevant to OT environments, including supervisory control and data acquisition (SCADA) systems, and other operational platforms that interact with the physical environment
Coordinate with OT and operational stakeholders to integrate cybersecurity controls in a manner that considers performance, reliability, and safety requirements unique to industrial environments
Demonstrated ability to influence cross-functional teams of both IT and field operators to adopt security standards that meet the risk tolerance of the company
Support processes used to assess and manage cybersecurity risks in OT systems, including third-party connectivity, remote access, and system modernization initiatives, consistent with industry guidance for OT security
Identity & Access Management
Oversee identity and access management processes used to control access to enterprise and operational systems, including workforce, contractor, and third-party access
Support governance processes related to access provisioning, access review, and privileged access in both IT and OT environments
Coordinate with technology and operations teams to align identity-related controls with system availability and operational requirements while supporting cybersecurity risk management objectives
Governance & Management
Support management's role in cybersecurity governance by maintaining cybersecurity and access-related policies, standards, and procedures within the CIO organization
Collaborate with Enterprise Risk Management, Legal, and Internal Audit to align cybersecurity and identity practices with disclosed risk management and governance processes
Assist in preparing management inputs for cybersecurity-related governance forums and, as appropriate, board-level reporting
Cybersecurity Operations & Technology Alignment
Infrastructure and platform security, cloud and hybrid technology environments
Identity-enabled security controls and access governance
Vulnerability management and remediation coordination
Partner with Enterprise Architecture and IT leadership to align cybersecurity and identity practices with the Company's enterprise technology strategy
Compliance, Audit & Disclosure Support
Demonstrate an understanding of SOX controls and how to handle PII related data and other audit and regulatory requirements
Support internal and external audit activities related to cybersecurity and access controls, including systems relevant to financial reporting and regulated operations
Maintain documentation and artifacts supporting cybersecurity risk management, governance, and compliance activities
Assist in evaluating cybersecurity and access-related issues for potential risk impact and prioritization, including matters relevant to public-company disclosure considerations under SEC rules
Job Specific Skills Cybersecurity, OT & Identity Expertise
Broad knowledge of cybersecurity principles as applied to both enterprise IT and OT environments used in energy or critical infrastructure operations
Understanding of cybersecurity and access risks relating to system availability, integrity, confidentiality, and safety
Experience supporting identity and access management as a component of enterprise cybersecurity and operational risk management
Business & Communication Skills
Ability to communicate cybersecurity and access-related concepts in clear, factual, and business-relevant terms
Experience partnering with IT, OT, and business stakeholders in risk-informed decision-making
Demonstrated judgment operating in disclosure-sensitive environments
Industry & Regulatory Experience
Experience in large, complex enterprises; oil & gas, energy, or other critical-infrastructure environments strongly preferred
Familiarity with public-company cybersecurity governance, regulatory oversight, and compliance expectations
Organizational Leadership
Lead and develop personnel responsible for cybersecurity engineering, access governance, and operational support
Manage budgets and third-party resources supporting cybersecurity and identity capabilities within the CIO organization
Establish operational metrics to monitor effectiveness and maturity of cybersecurity and access-related processes over time
Education
Minimum: Bachelor's degree in Information Technology, Information Security, or a related field
Relevant professional certifications preferred (e.g., CISSP, CISM, CRISC).
Experience Minimum: 12 - 15 years related work experience
Expand Energy takes necessary action to ensure that all applicants are treated without regard to their race, color, religion, sex, sexual orientation, age, gender identity, national origin, genetic information, disability, pregnancy, military or veteran status or any other protected characteristic as established by law.
Expand Energy Corporation's operations are focused on discovering and developing its large and geographically diverse resource base of unconventional oil and natural gas assets onshore in the United States.
Nearest Major Market:
Oklahoma City
Nearest Secondary Market:
Oklahoma
Job Segment:
Compliance, Risk Management, IT Architecture, Information Technology, Internal Audit, Legal, Finance, Technology