Job SummaryThe Cloud Security Ops Analyst is responsible for the design, implementation, and maintenance of security policies for cloud-based platforms and services, as well as support and enhancement of the cloud security policy platform. This role ensures that cloud environments comply with regulatory requirements, industry standards, and best practices for information security.
The analyst collaborates with cross-functional teams (IT Security, Cloud Architecture, Cloud Engineering, and Release Engineering) to identify risks, develop mitigation strategies, and enable secure cloud adoption across the organization, while also managing and optimizing the policy platform to facilitate seamless policy deployment and enforcement. Delivering a secure agile cloud computing environment is foundational for our Digital Strategy and central to achieving the modernization of the Digital Foundation.
Position OverviewYour responsibilities may include:- Design automated security and compliance controls including Cloud Architecture, Engineering, Security Engineering and IT Security
- Review new incoming cloud services for shift-left and guard-right security controls to be implemented
- Periodically review existing cloud services for controls to be adjusted/created/retired
- Monitor, report and assign actions to responsible teams as outcomes of cloud security scans from Wiz, Azure Security Center, Amazon GuardDuty, Cloud Custodian, etc.
- Troubleshooting, diagnosing and fixing issues with existing security controls in conjunction with respective teams
- Staying current on security issues impacting cloud services, assessing impact to customers of existing services and identifying use cases for new security solutions
- Manage the review of identified security exceptions/deviations in conjunction with Cloud Architecture
- Provide guidance and training to staff on cloud security best practices and policy adherence
- Enabling the advancement of the cloud vision and strategy for ConocoPhillips
Key Relationships: - Digital Hosting Teams, including Engineering & Automation, Architecture & Security
- IT Security Team, including Security Architecture, Security Operations, IT Governance
- Business & Technical Capability Teams, including Release Engineering, Capability Owners, Product Managers and Product Owners
Success Profile To thrive in this role, you'll demonstrate the following leadership competencies:
- Drives Performance: Delivers positive results through realistic planning to accomplish goals
- Partners Collaboratively: Builds positive relationships based on trust and seeks collaboration across organizational boundaries to achieve goals
- Leads Change: Drives thoughtful and pragmatic change, inspires innovative thinking and continuous improvement, and models adaptability through resourcefulness, flexibility, and positivity
- Takes Accountability: Takes ownership of actions and follows through on commitments by holding others accountable and standing up for what is right
Required Qualifications:- Legally authorized to work in the United States
- 3 or more years of Information Technology experience
- 1 or more years of experience with major cloud providers, either Azure or AWS
- 1 or more years of experience with working with IT security controls, their design, implementation, or operation
- Willing and able (with or without reasonable accommodation) to work in a distributed/remote team environment where team members may be in different physical locations and time zones
Preferred Qualifications:- Bachelor's degree or higher in Information Security, Computer Science, Information Technology, Management Information Systems, other related business field, other related technical field, or foreign equivalent
- Relevant certifications (e.g., CCSP, CISSP, AWS Certified Security Specialty) are highly desirable
- Experience in securing IT systems in cloud-based architectures and corporate environment
- Experience in implementing CI/CD and automation
- Understanding of IT development practices and languages
- Familiarity with regulatory frameworks (e.g., GDPR, HIPAA, PCI DSS) and cloud security standards (e.g., NIST, ISO/IEC 27017)
- Hands-on experience supporting or administering a cloud security policy platform
- Experience with cloud security tools (Wiz, etc.), monitoring solutions, risk assessment methodologies, and cloud security policy platforms
- Ability to analyze complex technical concepts and translate them into effective policies and procedures
- Experience with audits against security controls
- Good analytical skills / problem solving
- Very good communication, listening and teaching skills
- Ability to work with limited direction
- Project management experience in cloud security initiatives
Apply By:Jun 25, 2026
Sponsorship: ConocoPhillips' sponsorship for employment authorization in the U.S. is NOT available for this position.
Benefits OverviewConocoPhillips offers a competitive and comprehensive benefits package designed to support your well-being and career growth:
- Taking Care of Your Health & Wellness: Medical, dental, vision, mental health support, and wellness programs.
- Supporting and Building Financial Security: Competitive base pay, annual performance bonuses, and retirement savings plans.
- Promoting Work-Life Balance: Paid time off, paid parental leave, and family support resources.
- Offering Career Development: Access to training, mentoring, and internal career mobility tools.
- Guiding Recognition & Inclusion: Peer-nominated awards, inclusive culture, and employee resource groups.
