
Location Name: Findlay, OH or San Antonio, TX
Job/Requisition ID: 62479
Education Level: Bachelor's Required 
Relevant Experience Level: Mid Career (4-10 Years) 
Employee Group: Regular - Full Time
Employee Subgroup: Salaried Exempt



The Cybersecurity Principal (IAM) is a vital role that helps to provide assurance for Marathon Petroleum's critical assets and securely enables business functions. This role supports the business as an Identity and Access Management (IAM) subject matter expert in a variety of ongoing projects, conducts risk assessments, coordinates and performs application administration changes, and liaises between subject matter experts for each applicable technology and internal clients. Marathon Petroleum Corporation will be transitioning to a new IAM suite, and this role will be key to ensuring project success and the continued lifecycle of IAM applications.



  • Facilitates and prioritizes assigned work including but not limited to validating requests against standards and established operational procedures, facilitating changes to security appliances and solutions, risk assessments, waivers, ensuring authenticity and authorization of requests, and coordinating required changes with responsible subject matter experts
  • Oracle and Broadcom/CA IAM application administration and management
  • Cybersecurity lead for projects to deliver IAM solutions based on defined architecture and requirements.
  • Establishes measurements and metrics to enable development of Key Performance Indicators (KPIs) and other tools to gauge the success of security administration and operations
  • Collects analytics, aggregating into useful metrics and reporting to cybersecurity operations management on a periodic basis
  • Develops standard reports and dashboards to present key operational information
  • Monitors IAM administration and operations functions for problems in quality of the delivery, operational constraints, or other issues that may negatively impact service quality; gathers supporting information and communicates to management (along with recommendations for remediation)
  • Participates in incident response activities and various cybersecurity initiatives as needed
  • Must be willing to travel as needed



  • Bachelor’s degree in technical field (Computer Science, Information Systems, Information Systems Security, Electrical Engineering, Physical Sciences) or equivalent background and experience
  • 7-9 years of broad IT experience; 5+ years of experience in Identity and Access Management
  • Thorough understanding of multiple domains of Information Technology, including network infrastructure, systems administration, relational database administration, and application development
  • Experience with object-oriented programming languages
  • Well versed in cybersecurity principles, theory, and practical application in an enterprise setting
  • Ability to apply project management techniques to successfully organize tasks and initiatives
  • Advanced troubleshooting, solution design and implementation skills
  • Outstanding organizational and oral and written communications skills
  • Demonstrated ability to quickly understand new technologies and concepts
  • Ability to work in a matrix organization
  • Ability to provide detailed reporting
  • CISSP and other security certifications (e.g., CEH, ISSAP/ISSMP, CRISC, SANS)



  • Experience working directly with customers and business owners on the integration requirements including provisioning, de-provisioning, attestation and user lifecycle of the IAM platform
  • Experience with integrating Identity Connectors with on-prem and cloud applications.
  • Participates with the enhancement process for the Identity and Access Management program
  • Experience with authentication technologies including Windows Integrated Authentication, One-time Password and Federated Authentication solutions
  • Advanced technical knowledge of Public Key Infrastructure (PKI) and Secure Sockets Layer (SSL)
  • Strong knowledge of SAML, LDAP, OTP and Multi-factor authentication solutions
  • Knowledge of creating and maintaining the architecture for IAM systems
  • Assists with developing strategic roadmaps for the Identity and Access Management systems and program
  • General knowledge of working with vendors and partners to effectively troubleshoot authentication issues
  • Is a self-starter with the ability to work with all levels of customer’s management with minimum direct supervision
  • Has strong presentation and communication skills; this is a critical requirement for this position. Candidate must be able to clearly communicate technical approaches and findings.


Key Technologies

  • Deep understanding of ForgeRock deployment architecture and experience installing/configuring ForgeRock AM/IG/DS
  • Background that includes CI/CD pipelines using Git, Azure DevOps, and Ansible


Technical Experience:

  • 5+ years of experience in ForgeRock AM, IG, and DS
  • Hands-on experience with identity management platforms including federation, SAML, and OAuth
  • Experience automating REST or CREST web services
  • Development of custom nodes in ForgeRock using Java/Groovy


Preferred Experience:

  • Experience with tools - RockMon, Kubernetes
  • Master’s degree in technical field (Computer Science, Information Systems,
  • Energy industry cybersecurity architecture experience 


About Marathon Petroleum Corporation


Marathon Petroleum Corporation is a leading, integrated, downstream energy company headquartered in Findlay, Ohio. The company operates the nation’s largest refining system with more than 3 million barrels per day of crude oil capacity across 16 refineries. Marathon Petroleum's marketing system includes branded locations across the United States, including Marathon branded outlets. Speedway LLC, a Marathon Petroleum subsidiary, owns and operates retail convenience stores across the United States. MPC also owns the general partner and majority limited partner interest in MPLX LP, a midstream company which owns and operates gathering, processing, and fractionation assets, as well as crude oil and light product transportation and logistics infrastructure.

Travel Expected: Up to 10%


Marathon Petroleum Company LP is an Equal Opportunity Employer and gives consideration for employment to qualified applicants without discrimination on the basis of race, color, religion, creed, sex, gender (including pregnancy, childbirth, breastfeeding or related medical conditions), sexual orientation, gender identity, gender expression, age, mental or physical disability, medical condition or AIDS/HIV status, ancestry, national origin, genetic information, military, veteran status, marital status, citizenship  or any other status protected by applicable federal, state, or local laws.  If you would like more information about your EEO rights as an applicant, click here.

If you need a reasonable accommodation for any part of the application process at Marathon Petroleum LP, please contact our Human Resources Department at Please specify the reasonable accommodation you are requesting, along with the job posting number in which you may be interested. A Human Resources representative will review your request and contact you to discuss a reasonable accommodation.

Equal Opportunity Employer: Veteran / Disability

Marathon Petroleum Company LP participates in the E-Verify program in some states in which it operates (including AL, AZ, GA, MS, NC, SC, TN, and UT). For more information before proceeding, please see details in English or Spanish. Right to Work Statement English or Spanish.

To view benefit information for Marathon Petroleum Corporation please visit
