IT Governance, Risk and Compliance Analyst

About Us Since 1920, Helmerich & Payne, Inc. (H&P) has been the industry’s most trusted partner in drilling productivity and reliability. We continue that legacy with a strategy focused on long-term profitable growth and high-quality, innovative products and services. We are committed to improving lives through efficient and responsible energy. H&P expanded its drilling optimization portfolio through strategic acquisitions, including Motive Drilling Technologies (MOTIVE), Magnetic Variation Services (MagVAR), Angus Jamieson Consulting (AJC), and DrillScan. H&P India is part of H&P’s portfolio following the acquisition of MagVAR in 2017. We drive the development of advanced technologies and directional drilling automation solutions to help customers achieve greater reliability and well performance. We are focused on leading-edge technology pushing the limits of the oil & gas industry. H&P Inc. acquired KCA Deutag and its service lines in 2025 & we are creating an organization with an enhanced global footprint, exceptional service capability, and superior technology offering.

Office Location:

Noida & Goa

Job Summary: The IT Governance, Risk and Compliance Analyst is the primary representative for H&P on all aspects of IT risk and IT audit compliance activities. This position will interface regularly with key stakeholders across the company to obtain remediation plans for risks and audit activities, track those remediation plans, gather evidence that the activities were completed successfully, and update IT Risk management metrics and KPIs.

Responsibilities: Provide continuous assessment and analysis of trends relating to risk, internal and external threats, control gaps, and unauthorized exposure of company assets to leadership. Meet with stakeholders to inform them of issues, assess appropriate mitigation and /or remediation activities, and track the agreed upon progress of those activities. Monitor industry regulatory environment, and closely related or connected industries, for changes and impacts that may affect H&P’s IT, Cybersecurity, and Data Governance efforts. Assess the associated risks for the organization and provide timely recommendations and reporting. Provide direct support, as required, for IT and Cybersecurity related compliance efforts, to ensure a culture of continuous improvement and the ability to meet H&P’s compliance requirements. Perform third-party risk assessments of our partners, vendors, and contractors Coordinate organizational responses to standardized assurance questionnaires on behalf of our customers and partners. Ensure all Cybersecurity programs and activities, to include but not limited to, Cyber Incident Response, Cyber Risk Management, Threat Management, Patch & Vulnerability Management, etc. meet or exceed best practice standards as outlined in IADC guidelines and standards, IEC 62443, NIST Cybersecurity Framework (CSF), NIST SP 800-53, and other related or applicable documentation. Work directly with Cybersecurity management in the development, tracking and reporting of Cybersecurity metrics and KPIs for IT Risk operational concerns, operational and risk tracking for management, and risk trending for Executive Leadership. Work with management to develop and maintain policies to define governance for both information technology (IT) and operational technology (OT) assets. Experience with technical writing documenting IT and OT processes within policies and standard operating procedures. Leverage metrics and KPIs, to provide leadership and cross-functional teams with actionable recommendations for improvements to systems, processes, and / or procedures that will reduce overall enterprise risk associated with computing or networking systems; and continue to drive overall behavioral changes that result in a “cyber aware” culture at H&P. Assist, as necessary, in the development, maintenance, and oversight of Cybersecurity related policies, procedures, standards, and associated documentation. Ethical, self-motivated individual with the ability to set and achieve goals Demonstrate the H&P Company Values: Actively C.A.R.E., Service Attitude, Innovative Spirit, and Teamwork.

Required Skills/Qualifications: Minimum of 3+ years of experience in auditing, risk management, oversight and reporting, or related activities. Preferably in IT or other technical spaces. Bachelor’s Degree in Computer Science, MIS, Cybersecurity or Information Assurance or equivalent. Experience and knowledge of common regulatory and risk related frameworks such as NIST CSF, NIST SP 800-171, NIST SP 800-39, ISO27001/2, SOX, COBIT, ITIL, CIS, IEC 62443 etc. Experience performing or directly supporting risk assessments (internal and external), threat and vulnerability assessments, and related activities. Working knowledge of operating systems (Windows, Linux, OSX, etc.), business applications, logging, virtualization technologies; and related server, networking, and workstation protocols and security issues. Proven ability to gather and analyze IT Risk data and provide guidance in acceptable remediation activities. Experience working within teams and with external (corporate and third-party) groups, preferably within an IT operations environment. Highly motivated, self-starting individual with ability to multi-task and manage to timelines with limited supervision in a fast paced and agile environment. Proven strong oral and written communication / presentation skills to a broad range of employees. Ability to clearly communicate and articulate technical details to IT and Engineering personnel but also simplify explanations for non-technical individuals and executives. Strong interpersonal skills that establish and sustain close working relationships with functional teams and subject matter experts both internal and external to IT.