IT Audit & Governance Advisor

Contribute. Grow. Lead...with OxyChem. Looking for a challenge? Desire to achieve your true potential? OxyChem is a growing, action-oriented, safety driven chemical manufacturing company continually striving to be the best in the business while staying focused on environmental protection. The secret to our success has and will continue to be our people.

Occidental Chemical Corporation (OxyChem) is a leading North American manufacturer of polyvinyl chloride (PVC) resins, chlorine and caustic soda – key building blocks for a variety of indispensable products such as plastics, pharmaceuticals and water treatment chemicals. Other OxyChem products include caustic potash, chlorinated organics, sodium silicates, chlorinated isocyanurates and calcium chloride. OxyChem's market position is among the top three producers in the United States for the principal products it manufactures and markets. Based in Dallas, Texas, the company has manufacturing facilities in the U.S., Canada and Latin America.

In a fast-paced industry that demands precision, we create a supportive workplace where the safety and well-being of our employees are paramount. We are committed to rewarding top performers, offering very competitive pay and benefits, and providing tremendous career development opportunities.

The IT Audit & Governance Advisor is responsible for evaluating and ensuring the effectiveness of IT controls, security measures, and compliance with regulatory requirements. This role involves planning and conducting audits, identifying risks, and recommending improvements to safeguard information systems and support business objectives.

# Key Responsibilities:

- Plan and scope IT audits, defining objectives and selecting systems or processes for review.

- Evaluate IT controls, including access management, change control, backup procedures, and cybersecurity measures.

- Perform audit testing, collect evidence, and validate control effectiveness.

- Assess compliance with frameworks such as NIST, ISO 27001, COBIT, and regulatory standards (SOX, GDPR, HIPAA).

- Document audit findings and prepare clear, actionable reports for management.

- Recommend remediation strategies and monitor corrective actions.

- Collaborate with IT teams and business units to strengthen governaThe IT Audit & Governance Advisor is responsible for evaluating and ensuring the effectiveness of IT controls, security measures, and compliance with regulatory requirements. This role involves planning and conducting audits, identifying risks, and recommending improvements to safeguard information systems and support business objectives.nce and risk management practices an IT controls.

# Skills & Competencies:

- Technical Expertise: Strong understanding of IT systems, networks, and databases. Familiarity with cybersecurity principles, encryption, and access control mechanisms. Knowledge of frameworks such as COBIT, NIST, ISO 27001, and ITIL. Proficiency with audit and data analysis tools (ACL, IDEA, advanced Excel); scripting experience (Python) is a plus.

- Risk & Compliance Knowledge: Ability to assess IT risks and align controls with business objectives. Working knowledge of regulatory requirements (SOX, GDPR, HIPAA, PCI-DSS) and compliance auditing practices.

- Analytical & Problem-Solving: Strong critical thinking and attention to detail for identifying control gaps and vulnerabilities. Capability to interpret complex technical environments and recommend practical solutions.

- Soft Skills: Excellent written and verbal communication skills for translating technical findings into clear reports. Strong interpersonal skills to collaborate with IT teams, business units, and auditors. High ethical standards and professional skepticism to maintain independence and objectivity.

# Qualifications:

- Bachelor’s degree in Information Technology, Computer Science, or related field.

- Preferred certifications: CISA (Certified Information Systems Auditor), CRISC, CISSP, or equivalent.

- 5+ years of experience in IT auditing, cybersecurity compliance, or risk management.

# Preferred Qualifications:

- Experience with cloud security auditing (AWS, Azure).

- Knowledge of third-party risk management and vendor compliance.

- Familiarity with automation tools and continuous auditing techniques.

Recruitment Fraud

It has come to our attention various individuals and/or organizations are contacting people falsely pretending to recruit on behalf of Oxy. Please be aware that these recruiting scams and communications do not originate nor are they associated with our recruitment process. All Oxy job postings and offers will require a completed application through our company website.

Oxy does not charge a fee at any stage of the recruiting process. We will never:

• Ask you to pay for applications, interviews, meetings, processing, training or for any other fees

• Use recruiting or placement agencies that charge candidates an advance fee of any kind or

• Request personal information such as passport and bank account details at an early stage of our recruitment process.

We recommend against responding to unsolicited business propositions or offers from people you don't know. Do not disclose your personal or financial details. If you believe you have been the victim of a recruiting scam, please contact your local police department.

All qualified applicants will receive consideration for employment without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.