Business Information Security Officer

LyondellBasell is a leader in the global chemical industry creating solutions for everyday sustainable living. With a nearly 70-year legacy that includes a Nobel Prize in Chemistry and our proprietary MoReTec recycling technology, LYB is enabling a more sustainable future for generations to come.  LYB develops high-quality and innovative products for applications ranging from sustainable transportation and food safety to clean water and quality healthcare. LYB places high priority on diversity, equity and inclusion and is Advancing Good with an emphasis on our planet, the communities where we operate and our future workforce. We're addressing the global challenges of ending plastic waste, taking climate action, and supporting a thriving society, while generating value for our customers, investors, and society.

The BISO provides tactical direction to regional and local sites to identify and mitigate digital risks and prevent, detect, and remediate cyber security threats. This improves the overall company-wide security posture. This role is a hands-on role that ensures the subject matter expertise, and processes for the effective execution of global cybersecurity program in the OT environments. The BISO supports the computing systems of the site's Business and Manufacturing environments and coordinates changes, provides security and ensures optimum reliability, availability, integrity and confidentiality. This role acts locally as the main focal point for the business and manufacturing organization and supports the center-led business systems security in the region. Work-life balance is offered consistent with LyondellBasell's Flexible Work Policies.

• Oversee the operation of regional and local IT and ICS computing systems and security software including hardware and software lifecycle (Firewall, Anti Malware, Patch and Asset Management[PM1.1][bdVD1.2], etc.).
• Ensure that all regional sites' networks and systems comply with Corporate and Industry[PM2.1][bdVD2.2] standards;
• Contribute to internal documentation and standards (build documents, operational excellence, Disaster Recovery, Business Continuity, security whitepapers, Technical Designs)
• Help to validate the translation of the company policies from English into the local language (spoken by the BISOs as their first language) as optional if they have the capabilities.
• Advise or consult on OT changes initiated by IT and Site Management.
• Participate in Purdue Level 2 and 3  monitoring[KJL3.1], including the review, validation and reporting of security metrics.
• Assist in Operational Excellence audit support, Site Vulnerability Assessments and Cyber Process Hazard Analysis.
• Facilitate forensics investigations and incident follow-up.
• Support the design, implementation and documentation of (security) OT and M&A projects and initiatives.
• Ensure effective regional security awareness program implementation and training.
• Improve overall cyber resilience to the next level of maturity and effectiveness according with the defined BSS roadmap.
• Regularly analyze LyondellBasell's intrusion protection processes and lead efforts to improve it through automation, integration, and aggregation.
• Provide information protection expertise to IT operational teams to ensure systems are properly protected and monitored by design. Communicate threats appropriately.
• Profile new and emerging threats to the IT landscape and drive changes needed in response.
• Serve as a member to the event response team, providing mentoring to other team members as needed, while performing Level 2 support.
• Contribute ideas to the future state technology roadmap ensuring effective investments are made to enable scale, quality, and maintenance and overall cost effectiveness.
• Assist in setting technical direction and strategy for ICS systems architecture and security.
• Understand the security vulnerability management process and be able to conduct vulnerability assessments for the IT and ICS infrastructure, including mitigation and patch testing.

• Bachelor's degree in an appropriate field, or equivalent professional 6-8 years of technical experience
• Support for LyondellBasell's Diversity, Equity, and Inclusion (DEI) strategy and values.
• Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise language
• Ability to collaborate and communicate effectively with both business-oriented and technology-oriented personnel
• Working knowledge of one or more of these technologies: Microsoft Windows, Active Directory architecture & management, Group Policies, network topology, Anti Malware, SQLServer Database Management, virtualization, Manufacturing Execution Systems.
• Ability to perform field work for site assessments including visiting control rooms, rail yards, network closets, offices, and inspections of external perimeter fencing in a variety of physical locations – requiring walking for extended distances, walking over uneven terrain, and wearing protective equipment (PPE)

Preferred Qualifications:

• Experience in information security, information technology (IT), or operational technology (OT)
• Experience developing and refining risk based, defense-in-depth security architectures based on established frameworks such as NIST, ISO27001 or IEC62443
• Working knowledge of plant ICS systems (i.e. Modbus, OPC, AspenTech, OSI PI, Sample Manager, PAS Alarm Management, Honeywell, DeltaV, Yokogawa, Siemens, Schneider, etc.)
• Practical knowledge of different message distribution techniques to ensure end users understand and apply the behavioral changes necessary to reduce the 'human factors' risk
• Detailed understanding of manufacturing and business systems
• Ability to work with minimal supervision with demonstrated mentoring skills
• Ability to travel as required, up to 10%

Learn more about our benefits:  Benefits/Health & Welfare | LyondellBasell

Stay Connected

• Visit our LYB Website
• Follow us on LinkedIn and Instagram
• Like us on Facebook
• Subscribe to our YouTube channel
  
  LyondellBasell is an equal opportunity employer.  We evaluate qualified applicants without regard to race, color, religion, sex (including pregnancy), sexual orientation, gender identity, national origin, disability, age, veteran status, and other legally protected characteristics.  The US EEO is the Law poster is available here.
  
  LYB is committed to providing reasonable accommodations for qualified individuals with disabilities. If you need assistance or an accommodation related to LYB's recruiting process, please email us at
   
  Applicants must be at least 18 years old.
  
  LyondellBasell does not accept or retain unsolicited résumés or phone calls and/or respond to them or to any third party representing job seekers.
  
  Privacy Statement: For information regarding how LyondellBasell processes your personal data, please read our Privacy Statement.

Regulatory Disclosure

• The compensation and reference to benefits for this role is listed on this posting in compliance with applicable law. Please note that the compensation and benefits listed below are only applicable for U.S. payroll offers.
• The anticipated salary range for this position is 111, , The selected candidate's compensation will be determined based on their skills, experience, and qualifications.