Texas sits at the heart of the global energy ecosystem, and nowhere is cybersecurity more critical than across its oil, gas, and renewable infrastructure. From upstream exploration and refining to LNG, pipelines, and grid operations, CISOs in this region are responsible for protecting some of the most complex and high-risk operational technology environments in the world.
This list highlights senior cybersecurity leaders shaping resilience across Texas energy enterprises. While many hold the formal CISO title, others operate in closely adjacent roles such as VP of cybersecurity, deputy CISO, or enterprise security leadership, positions that are equally influential in driving OT security strategy, regulatory alignment, and enterprise risk governance.
Michael Morgan — Chief Information Security Officer, Phillips 66
Michael Morgan leads the information security program at Phillips 66, where he is responsible for protecting enterprise systems, applications, and critical infrastructure. His role spans governance, cyber risk management, incident response, and long-term security strategy across one of the largest energy companies operating in Texas.
He is also deeply involved in aligning cybersecurity with business objectives, ensuring that security investments directly support operational continuity and resilience. Morgan’s leadership emphasizes structured cyber governance frameworks and board-level reporting, reflecting the growing strategic importance of security in the energy sector. His long tenure in the role has made him a steady force in shaping the company’s security maturity.
Shazad Shafi — OT Chief Information Security Officer, ExxonMobil
Shazad Shafi serves as OT CISO at ExxonMobil, focusing specifically on securing operational technology environments that underpin global energy production and refining operations. With a background spanning engineering, manufacturing, pipelines, and IT, he brings a rare blend of industrial and cybersecurity expertise to one of the world’s largest energy companies.
In his current role, he is responsible for strengthening cybersecurity resilience across refinery, chemical, and midstream environments. His work focuses on ensuring safe and uninterrupted operations by protecting critical systems from evolving cyber threats. Shafi’s deep operational background makes him particularly influential in bridging the gap between engineering reliability and cybersecurity.
Jon Raper — Chief Information Security Officer, Chevron
Jon Raper is the Chief Information Security Officer at Chevron, where he leads the company’s global cybersecurity strategy and information security posture. His role includes safeguarding enterprise systems, industrial environments, and digital infrastructure across Chevron’s worldwide operations.
He is responsible for setting strategic direction across cybersecurity governance, risk, and operations, ensuring resilience in both IT and OT environments. Raper’s leadership comes at a time when large energy firms are accelerating digital transformation while facing increasing cyber-physical threats. His focus on global coordination and operational security makes him a key figure in the energy cybersecurity landscape.
Annessa McKenzie — Chief Information Security Officer, Vice President, ConocoPhillips
Annessa McKenzie serves as CISO and Vice President at ConocoPhillips, where she also oversees enterprise architecture and infrastructure responsibilities. Her role spans cybersecurity, industrial controls, compliance, business continuity, and risk management across a global energy organization headquartered in Houston.
She is known for her broad operational scope across both IT and OT domains, including SCADA systems, supply chain security, and data privacy. McKenzie’s leadership emphasizes building trusted, business-aligned security programs that reduce risk while enabling operational efficiency. Her influence extends beyond cybersecurity into enterprise-wide architecture decisions, making her a central figure in shaping ConocoPhillips’ digital resilience strategy.
Mary Rose Martinez — Chief Information Security Officer & VP of Infrastructure, Marathon Petroleum
Mary Rose Martinez is the CISO and Vice President of IT Infrastructure at Marathon Petroleum, a Fortune 50 energy company with extensive refining and logistics operations. With over three decades of IT leadership experience, she oversees cybersecurity strategy alongside enterprise infrastructure modernization.
Her role is critical in protecting refinery operations, logistics systems, and corporate IT environments across a large industrial footprint. Martinez focuses on aligning infrastructure resilience with cybersecurity maturity, ensuring continuity across complex operational systems. Her dual responsibility across infrastructure and security positions her as a key architect of Marathon Petroleum’s digital backbone.
Jobin Matthews — Deputy CISO & Director of Cyber Threat Management, Halliburton
Jobin Matthews serves as Deputy CISO at Halliburton, where he leads cyber threat management and operational security programs for one of the world’s largest oilfield services companies. His work focuses on defending highly distributed and industrially complex environments.
He brings strong expertise in incident response, cybersecurity operations, and threat intelligence, supported by advanced academic credentials in cybersecurity from New York University. Matthews plays a key role in strengthening Halliburton’s defensive posture across global operations. His leadership is particularly important in managing risks tied to field systems and remote industrial assets.
Securing the Backbone of Texas Energy
Texas energy security is no longer just about protecting IT systems; it is about safeguarding the physical infrastructure that powers industries, cities, and national supply chains. The leaders above sit at the intersection of operational technology, enterprise risk, and national critical infrastructure protection.
From refining and LNG operations to electric grids and utility networks, these CISOs and security leaders are defining what resilience looks like in one of the world’s most strategically important energy regions. As cyber-physical threats continue to evolve, their role will only grow more central to the stability of global energy systems.