GRC Sr. Analyst

Location:  Poznań, PL, 60-829

Req ID:  79457
Facility:  POZNAN-6731
Department:  Governance, Risk & Compliance
Division:  Global Business Services

LyondellBasell (NYSE: LYB) is one of the largest plastics, chemicals and refining companies in the world. Driven by its employees around the globe, LyondellBasell produces materials and products that are key to advancing solutions to modern challenges like enhancing food safety through lightweight and flexible packaging, protecting the purity of water supplies through stronger and more versatile pipes, improving the safety, comfort and fuel efficiency of many of the cars and trucks on the road, and ensuring the safe and effective functionality in electronics and appliances. LyondellBasell sells products into more than 100 countries and is the world's largest producer of polypropylene compounds and the largest licensor of polyolefin technologies. In 2022, LyondellBasell was named to Fortune Magazine's list of the "World's Most Admired Companies" for the fifth consecutive year.

Basic Function

The IT GRC Senior Analyst will be responsible for providing both tactical and strategic leadership in the enhancement of the IT organization’s governance, risk and compliance program. The IT GRC Senior Analyst will work closely with the Information Technology, Global Centers of Excellence, Procurement and Operational Technology groups, ensuring conformity with our Information, Communication, and Technology (ICT) Standard and related policies. This role will provide guidance and support initiatives leading to the adoption and execution of new and existing IT operational and information protection requirements. The applicant will serve as a consultant to process owners, providing expertise with respect to risks and controls, analyzing the impact of process changes on the control structure, managing components of global processes, performing various risk-based assessments, and bringing forth opportunities to better the business and influence decisions regarding IT governance, compliance and cybersecurity.

Roles & Responsibilities

•    Lead the development, implementation, and maintenance of an effective information protection governance and risk management program to support current and future needs. 
•    Enhance and maintain LYB’s IT risk assessment program to evaluate IT compliance and operational risks that require follow-up, investigations, or risk management strategies. 
•    Continually improve LYB’s information security management system within the context of the ISO 27001 standard.  Support annual ISO 27001 and other external audits.   
•    Serve as IT policy and standards subject matter expert reviewing policies and standards against emerging threats, legislative and regulatory changes, and customer expectations ensuring information protection priorities are considered throughout the portfolio. 
•    Coordinate the annual review of IT policies and standards, processes, controls, disaster recovery plans and business continuity plans, working with the “owners” to make revisions and updates (as needed). 
•    Serve as a consultant to process owners, providing expertise with respect to risks and controls, analyzing the impact of process changes on the control structure, evaluating compliance requirements for industry or regulatory mandates and driving solutions to process owner barriers. 
•    Champion and maintain the group’s role in third-party risk management as it relates specifically to information protection/cybersecurity, performing third-party risk assessments, documenting findings and managing continuous monitoring. 
•    Manage the company’s risk management, governance and compliance systems and/or tools in regard to the areas of information security, policy, compliance, and risk management. 
•    Participate in annual IT disaster recovery and Cybersecurity business continuity planning, training and testing initiatives. 
•    Support the creation, generation, monitoring and reporting of GRC program and individual performance metrics and KPIs. 
•    Other duties as assigned. 

Min. Qualifications

•    Bachelor’s degree in computer science, information systems, business administration, or related field  
•    5+ years of practical experience in IT Compliance, Governance Management, IT Audit, Third Party Risk Management, and/or IT Disaster Recovery.
•    Three to five years of experience related to process design and improvement as well as mapping of control frameworks to regulatory/industry standards such as ISO, COBIT, COSO, and NIST guidelines.  
•    Technical skills & knowledge  
o    Strong competency with SOX, COBIT, ITIL, ISO 27002 policy frameworks and compliance 
o    Developing and maintaining global standards 
o    Performing risk assessments 
•    Strong communication and interpersonal skills 
•    Detail-oriented and proficient in written and oral communication 
•    Ability to work efficiently and independently with minimal supervision or guidance. 
•    Ability to give and receive feedback with peers and subordinates appropriately. Mentor others on IT-related processes and business drivers 
•    Problem-solving, negotiation and decision-making skills to influence management, as well as internal and external partners 
•    Intercultural competence 

Preferred Qualifications

•    CISSP, QSA, CISA  or other security recognition desirable 
•    Working knowledge of an ERP system (e.g. SAP) desirable 

Competencies

Builds effective teams
Collaborates
Cultivates innovation
Customer focus
Demonstrates courage
Drives results
Ensures accountability
Instills trust and exemplifies integrity

We Offer

We offer an environment where we encourage personal and professional growth and where you will be rewarded for your performance and results. You will have the possibility to work with specialists in all fields to develop innovative solutions and to extend your national and international network. In addition, we offer you a competitive salary and benefits package.

The Company's Global Remote Work Policy allows eligible employees the option to work up to two days a week from home.

LyondellBasell is committed to advancing diversity, equity & inclusion (DEI) to ensure a positive experience for all employees.
 

Application & Contact

Please send us your resume via the application button

If you would like to learn more, please feel free to contact Martyna Piechowiak, Talent Acquisition Specialist at martyna.piechowiak@lyondellbasell.com 
