Company: Chevron
Skills: Security
Experience: 5 + Years
Education: High School/Secondary
Employment Type: Full Time Contractor
Location: Makati, Metro Manila, Philippines

In order to apply for this position, applicants MUST meet the following criteria. If your resume does not match these criteria, you will not be able to apply for this position.

Chevron Holdings Inc. (CHI) is a pioneer and leading multi-function Shared Services Center in the Philippines located in Makati City. With a workforce of more than 1,000, CHI delivers business services and solutions in areas such as finance, human resources, procurement, marketing support and information technology.

Chevron is accepting online applications for the position ofIT Business Analyst throughFebruary 4, 2020 at 11:59 p.m. (Eastern Standard Time).

The Application Security Team at Chevron fully leverages the agility and responsiveness of a DevSecOps approach, we play an integrated role in the full life cycle of our applications. The team provides leadership and direction on the use of current and emerging technologies, with emphasis on application security and software engineering, based on best practices and standards relevant to Chevron and provides guidance on best practices and standards throughout the System Development Lifecycle process including requirements, design, development, quality assurance, and deployment.

  • Subject matter expert on software development processes, best practices, and secure coding standards
  • Ensure the enterprise is following application security requirements and principles, secure coding standards and best practices
  • Identify tools and automate rules into DevSecOps pipelines to enable guardrails; ensure coding practices are followed and vulnerabilities & risks are identified early and remediated appropriately based on risk.
  • Work with DevSecOps teams and engineers to integrate security solutions into continuous delivery frameworks
  • Assist application teams in migrating security controls to cloud (Azure, AWS, etc.)
  • Provide support to scan using different development IDE's (i.e., Visual Studio 2005-2015 & Eclipse)
  • Facilitate competency development for Application Professional role (Application Developer and Application Support Analyst)
  • Active leadership and participation in the Application Security Technical Network (ASTN) and Software Engineering Community of Practice; connect to other CoPs
  • Maintain secure coding standards
  • Stay current on application security and associated cross-functional issues.
  • Provide operational support for Application Security technologies (MicroFocus Fortify), and consulting for remediation of application security issues
  • Support and evolve the inclusion of appropriate application security clauses in Chevron contracts (working with Procurement and Legal)
  • Continue evolution of app security maturity expectations and OC for the enterprise; measure CVX app security maturity; maintain relationship(s) with app security training provider and consult on content development
  • Provide System Development Lifecycle (SDLC) tools and process consulting to projects and teams to ensure secure design and code

Required Qualifications:
  • Minimum 5+ years of hands-on experience with formal application development project execution
  • Technical Skills: 5+ years of hands-on design and development experience using Microsoft Development Technology stack, in particular .NET, SCM, MVC, WCF; SOA; Java-based technology, workflow and reporting technologies; database technologies such as Oracle and SQL Server
  • Experience mitigating vulnerabilities in OWASP Top 10 and knowledge of other industry standard vulnerability lists (i.e. SANS 25, etc.)
  • Experience finding known vulnerabilities and where they are listed for the industry (i.e. cve.mitre, NIST, etc.)
  • Application developer background
  • Familiar with the DevSecOps (CI/CD Pipleline) approach, and Agile Methodology
  • Knowledge of development languages (E.g ASP, C/C++, .Net, Java, Cobol, Javascript, PHP, Python, T-SQL)
  • In-depth understanding of industry standard lists of vulnerabilities (i.e. OWASP Top 10)
  • Exposure to Cloud (Azure, AWS, etc.) security controls
  • Strong communication and presentation skills including the ability to interface across the IT function, and with business partners and external parties across the world at an appropriate level of detail
  • Motivation to learn new technologies quickly.
  • Results oriented with strong focus on execution.
  • Ability to prioritize work, and juggle multiple complex tasks.
  • Ability to work collaboratively within a team of high value added individual contributors.
  • Self-starter with ability to work independently but in alignment with team goals.
  • Must thrive in a fast-paced, multi-tasking environment with increasing demands between operational and projects tasks.
  • Critical thinking and problem solving are vital.
  • Comprehension of various development paradigms such as Object Oriented Programming, Web-Oriented Architecture, etc.
  • Experience building standard operating procedures and processes.

Chevron participates in E-Verify in certain locations as required by law.

Chevron is one of the world’s leading integrated energy companies. Our success is driven by our people and their commitment to get results the right way – by operating responsibly, executing with excellence, applying innovative technologies and capturing new opportunities for profitable growth. Some of our specialties include generating power and produce geothermal energy; investing in profitable renewable energy and energy efficiency solutions; and developing the energy resources of the future, including researching advanced biofuels.


Our diverse and highly skilled workforce consists of approximately 64,700 employees, including more than 3,200 service station employees. At Chevron, we’re focused on safely delivering the energy needed to power human and economic progress worldwide. But how do we do that when harnessing fossil fuels can be inherently risky? To meet these challenges, Chevron has spent more than 20 years expanding systems that support a culture of safety and environmental stewardship that strives to achieve unequaled performance and prevent all serious incidents and fatalities. We call this Operational Excellence, and it drives everything we do. 


Diversity & Inclusion

We’re committed to reflecting in our workforce the rich diversity of cultures and racial and ethnic backgrounds in the communities where we live and work. We’re also devoted to encouraging a diversity of ideas.


Diversity is one of the cornerstones of our values, which we call The Chevron Way. The Chevron Way states:


“We learn from and respect the cultures in which we work. We value and demonstrate respect for the uniqueness of individuals and the varied perspectives and talents they provide. We have an inclusive work environment and actively embrace a diversity of people, ideas, talents and experiences.”


As a core value, diversity is critical to developing a talented, high-performing workforce needed for ongoing business success. The Chevron Way’s focus on people has helped establish a culture that attracts, develops and retains more diverse talent.


We Support Career & Personal Development

We value the importance of managing work/life priorities by offering flexible work schedules, on-site child care at some facilities, adoption assistance, dual-career couple support, scholarships and tuition reimbursement.


At Chevron, you’ll find a workplace committed to your professional development. You’ll receive support and tools to create your own career path, including education assistance support which pays up to 75% of the cost (including tuition, textbooks, lab fees, and registration and administration fees) for approved courses. To strengthen organizational capability, we develop our employees’ and contractors’ skills and experience through our Invest in People strategy. As part of this strategy, discussions focused on continually improving individual performance are held between managers and employees.




Chevron placed 3rd in the 2019 Rigzone Ideal Employer Rankings -  find out more here.