Job Description

Basic Function

HF Sinclair is seeking a Cybersecurity Governance, Risk, and Compliance Analyst in Dallas, TX who will be responsible for executing key activities supporting the cybersecurity governance, risk management, and compliance (GRC) program, ensuring the organization maintains a strong cybersecurity posture while aligning with business objectives. This role will support the shift from a compliance-driven approach to a risk-based cybersecurity strategy by establishing governance frameworks, risk management processes, and policy enforcement mechanisms.

The Cybersecurity GRC Analyst will report to the Senior Manager of Cybersecurity Governance, Risk & Compliance and collaborate with the IT Risk & Compliance team when necessary. This individual will engage in cybersecurity policy development, regulatory compliance, risk assessment, and governance enforcement.

Job Duties

Third-Party Risk Management (TPRM):

• Enhance and oversee the Third-Party Risk Management (TPRM) program, continuously ensuring vendors meet cybersecurity standards.
• Implement continuous vendor security monitoring, assessment frameworks, and tiered risk scoring models.

Governance & Policy Management:

• Develop, maintain, and enforce cybersecurity policies, standards, and governance frameworks aligned with NIST CSF, IEC 62443 (OT), CMMC, GDPR, and industry regulations (TSA, NERC-CIP, MTS, NIS2, etc.)
• Collaborate with IT Security, OT Security, Internal Audit and Enterprise Risk Management to align governance policies across business functions.

Risk Management & Compliance Oversight:

• Define and enforce risk assessment processes for IT and OT environments, shifting from a compliance-based to a risk-based security model.
• Maintain key risk and control artifacts such as the Cyber Risk Register, Controls Matrix, Cyber Risk Appetite Statement, and others as necessary.
• Establish cybersecurity risk quantification (CRQ) methodologies to measure security risks.
• Lead cybersecurity audit readiness efforts and serve as the primary interface with auditors and regulators.

Security Awareness & Governance Training:

• Develop and deliver governance training programs to ensure employees, executives, and IT/OT teams understand cybersecurity risk and compliance obligations.
• Partner with HR and Legal to embed cybersecurity governance into corporate risk awareness programs.

Metrics & Continuous Improvement:

• Define and track key cybersecurity governance KPIs to measure program effectiveness.
• Implement Continuous Control Monitoring (CCM) to ensure governance processes remain effective and adaptable to evolving threats.

• Conduct periodic cybersecurity governance assessments and audits to identify areas for improvement.

Special assignments or tasks assigned to the employee by their supervisor, as determined from time to time in their sole and complete discretion.

Experience

3-5 years of experience in cybersecurity governance, risk management, compliance, audit or similar disciplines.

Education Level

Bachelor’s degree in Cybersecurity, Information Security, Risk Management, or a related field or equivalent experience considered.

Preferred Education

Master’s degree in relevant field.

Required Skills

• Strong background in policy development, regulatory compliance, and enterprise risk management.
• Prior experience in both IT and OT cybersecurity governance is a strong plus.

Preferred Certifications:

• CISSP/CISA/CISM/CRISC
• FAIR Analyst Certification (for Cyber Risk Quantification)
• ISO 27001 Lead Implementer

Supervisory/Managerial Responsibility

N/A

Work Conditions

Office based with travel up to 20% of time is required. Subject to all weather and varying road conditions.

Benefits

HF Sinclair offers a comprehensive benefits package designed to support the well-being of our employees and their families. Our benefits include, but are not limited to, the following:

• Medical Insurance
• Vision Insurance
• Dental Insurance
• Paid Time-Off
• 401(k) Retirement Plan with match
• Educational Reimbursement
• Parental Bonding Time
• Employee Discounts

We are committed to fostering a supportive and inclusive work environment, ensuring our employees have the resources needed to thrive professionally and personally.

Benefit eligibility is governed by official plan documents, for more details visit  Total Rewards .

Our One HF Sinclair Culture:

At HF Sinclair, we are united through our One HF Sinclair Culture, which is underpinned by our five core values of Safety, Integrity, Teamwork, Ownership and Inclusion. Developed to empower our people, our five core cultural values are at the heart of everything we do and extend to how we engage our stakeholders. These values influence our decisions, shape our behaviors and keep us connected across the entire organization.

We maintain a true Safety culture for our employees, communities, environments and customers. Our goal is to make sure everyone returns home safely each day. We have a long-standing commitment to Integrity and ethical behavior and do what is right for our employees, investors, communities and the environment. We encourage employees to Step Up and Stand Out by championing a culture of Teamwork and Ownership. We foster a culture of Inclusion by encouraging diversity of experiences, viewpoints and backgrounds. What makes each of us different, together makes us stronger.

About HF Sinclair Corporation

HF Sinclair Corporation, headquartered in Dallas, Texas, is an independent energy company that produces and markets high-value light products such as gasoline, diesel fuel, jet fuel, renewable diesel and other specialty products. HF Sinclair owns and operates refineries located in Kansas, Oklahoma, New Mexico, Wyoming, Washington and Utah and markets its refined products principally in the Southwest U.S., the Rocky Mountains extending into the Pacific Northwest and in other neighboring Plains states. HF Sinclair supplies high-quality fuels to more than 1,500 branded stations and licenses the use of the Sinclair brand at more than 300 additional locations throughout the country. In addition, subsidiaries of HF Sinclair produce and market base oils and other specialized lubricants in the U.S., Canada and the Netherlands, and export products to more than 80 countries. Through its subsidiaries, HF Sinclair produces renewable diesel at two of its facilities in Wyoming and also at its facility in Artesia, New Mexico. HF Sinclair provides petroleum product and crude oil transportation, terminalling, storage and throughput services to its refineries and the petroleum industry.

Equal Opportunity Employer

HF Sinclair Corporation is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, veteran status or any other prohibited ground of discrimination.

Job Tags

Similar Jobs