Business Information Security Officer

Location: Mumbai, IN, 400076- Req ID: 81140- Facility: Mumbai-470- Department: Business Systems Security- Division: Innovation**Basic Function**:
**Roles & Responsibilities**:

- Support for LyondellBasell’s Diversity, Equity, and Inclusion (DEI) strategy and values
- Oversee the operation of regional and local preventative systems and business / manufacturing computing systems (firewall, versions, patches, protection, certificate management, etc.)
- Ensure that all regional sites’ networks and systems comply with corporate standards; communicate threats appropriately
- Coordinate IT and manufacturing changes, etc. with site management
- Participate in Level 2 monitoring, support, and SVA (site vulnerability assessments)
- Assist in Operational Excellence assessment support and facilitate forensics investigations
- Support project design and implementation
- Ensure effective regional security awareness program implementation
- Effectively facilitate center-led (located on-site or regional) support model; security responsibilities for site’s manufacturing computing equipment
- Assist in setting technical direction and strategy for ICS systems architecture and security
- Support the management, planning and execution of budget activities
- Improve overall cyber resilience to the next level of maturity and effectiveness
- Regularly analyze LyondellBasell’s intrusion resistance and lead efforts to improve it through automation, integration, and aggregation.
- Provide information protection expertise to IT operational teams to ensure systems are properly protected and monitored by design.
- Evangelize security within LyondellBasell and drive changes needed to response to emerging threats
- Profile new and emerging threats to the IT landscape
- Serve as a member to the event response team, providing mentoring to other team members as needed, while performing Level 2 support.
- Understand security vulnerability management and the process
- Be able to conduct vulnerability assessments for the IT infrastructure

**Min. Qualifications**:

- Bachelor’s degree in an appropriate field, or equivalent professional experience
- Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise language
- Ability to collaborate and communicate effectively with both business-oriented and technology-oriented personnel
- Working knowledge of one or more of these technologies: Microsoft Windows, Active Directory, domain architecture & management, group policies, network topology and components, antivirus, SQL server, and database management
- Ability to work with mínimal supervision
- Ability to travel as required, up to 10%

**Preferred Qualifications**:

- Experience in information security, information technology (IT), or operational technology (OT)
- Experience developing and refining risk based, defense-in-depth security architectures based on established frameworks such as NIST or ISO
- Working knowledge of plant ICS systems (i.e. Modbus, OPC communications, Aspentech, PAS, Honeywell, DeltaV etc.)
- Detailed understanding of manufacturing and business systems
- Experience with security incident and event analytics and monitoring technology including regular maintenance and tuning, correlation rules, filters, lists, views, and reports
- CISSP, CCNA, or other security recognition desirable
- Intercultural competence

**Competencies**:

- Builds effective teams
Collaborates
Cultivates innovation
Customer focus
Demonstrates courage
Drives results
Ensures accountability
Instills trust and exemplifies integrity