Job DetailsJob Location: Oklahoma City Office - Oklahoma City, OK 73102Position Type: Full TimeEducation Level: 4 Year DegreeTravel Percentage: Up to 25%Job Category: Information TechnologyFlywheel Energy is seeking an experienced and driven Senior Cybersecurity Analyst to protect the data, infrastructure, and operational systems that power our ~1,000-person upstream oil and gas business. The Senior Cybersecurity Analyst will serve as a primary defender of Flywheel's digital assets, acting as the first line of response for security alerts, incidents, and vulnerabilities. Responsible for monitoring, investigating, and remediating threats across our IT and OT environments, supporting security compliance, managing key security tools, and helping build a stronger security culture across the organization.
Key Responsibilities
Security Operations & Incident Response
Serve as the primary point of contact for monitoring, acknowledging, investigating, and escalating cybersecurity alerts and incidents.
Lead or participate in incident response activities including containment, eradication, recovery, and post-incident review.
Threat & Vulnerability Management
Perform regular vulnerability assessments, penetration testing support, and security control testing across systems and networks, and address security gaps.
Track and prioritize remediation of vulnerabilities in coordination with infrastructure and application teams.
Security Tool Administration
Administer and optimize Flywheel's security stack, including:
Endpoint detection and response, threat and vulnerability management, and attack surface reduction across all managed devices.
Information Protection & Data Security — data classification, sensitivity labeling, data loss prevention (DLP), and insider risk management.
Device compliance policy enforcement, mobile device management (MDM), and endpoint security configuration.
Security awareness training program administration, phishing simulation campaigns, and employee risk reporting.
Leverage Anthropic Claude (AI) to accelerate security operations including threat research and summarization, drafting and updating SOPs and incident reports to increase team efficiency and response speed.
Security Governance, Risk & Compliance
Apply and enforce a security framework across the business, vendors, and contractors to ensure consistent compliance.
Represent security interests during acquisition and divestiture activity and system integration projects.
Monitor compliance with applicable internal and external security policies and data protection standards.
OT/IT Convergence & Energy-Specific Security
Support the security of OT and ICS/SCADA environments integral to oil and gas field operations, applying appropriate frameworks and controls.
Collaborate with cloud, network, AI, and infrastructure teams to ensure consistent security posture across hybrid environments.
Evaluate and mitigate risks associated with remote field connectivity, production systems, and operational technology platforms.
Litigation Support
Support legal hold administration in coordination with Legal and HR, including custodian identification, hold issuance, and tracking through Microsoft Purview eDiscovery — ensuring defensible, auditable processes from initiation through release.
Assist with eDiscovery data collections, processing, and production workflows following EDRM pipeline best practices from identification through production.
QualificationsRequired Qualifications
Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or equivalent professional experience.
5+ years of verifiable, progressive experience in cybersecurity, information security, or IT security operations.
Demonstrated experience managing security operations including incident response, threat analysis, and vulnerability management.
Solid understanding of network security principles including firewalls, intrusion detection/prevention, access controls, and network segmentation.
Preferred Qualifications
Knowledge of OT/IT convergence, SCADA/ICS security considerations, and relevant frameworks (NIST CSF, IEC 62443).
Additional certifications such as CISSP, CISM, or CEH are a plus.
Experience with change management and configuration activities in enterprise environments.
Willingness to perform occasional after-hours critical support and participate in an on-call rotation.