LyondellBasell (NYSE: LYB) is one of the largest plastics, chemicals and refining companies in the world. Driven by its employees around the globe, LyondellBasell produces materials and products that are key to advancing solutions to modern challenges like enhancing food safety through lightweight and flexible packaging, protecting the purity of water supplies through stronger and more versatile pipes, improving the safety, comfort and fuel efficiency of many of the cars and trucks on the road, and ensuring the safe and effective functionality in electronics and appliances. LyondellBasell sells products into more than 100 countries and is the world's largest producer of polypropylene compounds and the largest licensor of polyolefin technologies. In 2021, LyondellBasell was named to Fortune Magazine's list of the 'World's Most Admired Companies' for the fourth consecutive year.
This role will provide Subject Matter Expertise (SME) and technical leadership for cybersecurity vulnerability management operational, analytic, and forensic tools, as well as their supporting processes, policies, and controls. You will architect and maintain the tools used uniquely in the organization that support detective, discovery, and investigative Cybersecurity services. You will perform threat analysis, risk assessments, and system configuration analysis among other duties to ensure that architecture adequately validates the organizational security posture, new solutions are secured by design, and legacy systems are adequately protected.
The successful candidate will have experience with multiple platforms and programming languages, and experience with specialized vulnerability assessment tools and processes. This role, reporting to the leader of Security Architecture and working closely with other members of the Secure Architecture team, Information Technology (IT), Manufacturing Process Automation, and Digital Transformation, will directly contribute to the global enterprise architecture and provide appropriate security solutions.
Travel: Up to 10%
Roles & Responsibilities
- Validate current and future state architectural models to assess impact across assigned Cybersecurity systems
- Create and maintain detailed information security roadmaps, architectures, and programs to significantly improve the overall security posture of the organization
- Develop, implement, and assess cybersecurity policies, standards, and guidelines to help internal customers design and implement secure solutions
- Conduct periodic architectural reviews to assess effectiveness and propose optimal alternatives as required; audit and review effectiveness of existing controls
- Lead technical evaluations, security analysis, and risk assessments
- Identify and evaluate escalated vulnerabilities and drive the normalization, correlation, and integration of internal and subscription-threat intelligence source. Analyze the organization's cyber defense procedures and configurations, and evaluates compliance with regulations and organizational directives.
- Designs and develops security solutions and processes consistent with business goals and risk tolerance.
- Perform in-depth analysis of escalated security issues and/or vulnerabilities.
- Provide expert technical support to support security and architectural problems
- Research and develop defensive cybersecurity data strategies
- Recognize and appropriately manage confidential and sensitive information
- Maintain in-depth knowledge of security trends, threats, and tools.
- Establish effective working relationships with operational stakeholders to help execute our business strategy
- A Bachelor of Science degree in a technical discipline and 3+ years of progressive experience in a cybersecurity role, or a minimum of 8+ years' experience.
- Demonstrated experience architecting complex systems related to cybersecurity tools
- Expert knowledge of advanced cyber threats, threat intelligence, and adversary methods
- Experience configuring and using Tenable (Nessus, io web app, etc.), layer 7 firewalls, and other validation and continuous control assessment tools
- Excellent written and verbal communication skills with the ability to articulate both technical and abstract concepts in a clear and concise manner
- Certified Information Systems Security Professional (CISSP), Security+, CCNA Security, or equivalent certification
- Working knowledge of the NIST Cybersecurity, MITRE ATT&CK, and ISO frameworks
- Experience as a security technologist in the Manufacturing, Petrochemical, or Oil and Gas Industries
- Excellent interpersonal skills and ability to create collaborative relationships
- Experience with Splunk, Microsoft MCAS, vulnerability scanning, and source code scanning tools
- Experience with implementing a vulnerability management program is ideal
- Strategic planning and project management skills
Builds effective teamsCollaboratesCultivates innovationCustomer focusDemonstrates courageDrives resultsEnsures accountabilityInstills trust and exemplifies integrity
Must be at least 18 years of age and must be legally authorized to work in the United States (US) on a permanent basis without visa sponsorship.
LyondellBasell does not accept or retain unsolicited résumés or phone calls and/or respond to them or to any third party representing job seekers.
LyondellBasell is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, veteran status, and other protected characteristics. The US EEO is the Law poster is available here.
Nearest Major Market: Houston