Apply now »

Lead IT Security Engineer


Poznań, PL

Req ID:  80064
Facility:  POZNAN-6731
Department:  Security Foundations
Division:  Global Business Services

LyondellBasell (NYSE: LYB) is one of the largest plastics, chemicals and refining companies in the world. Driven by its employees around the globe, LyondellBasell produces materials and products that are key to advancing solutions to modern challenges like enhancing food safety through lightweight and flexible packaging, protecting the purity of water supplies through stronger and more versatile pipes, improving the safety, comfort and fuel efficiency of many of the cars and trucks on the road, and ensuring the safe and effective functionality in electronics and appliances. LyondellBasell sells products into more than 100 countries and is the world's largest producer of polypropylene compounds and the largest licensor of polyolefin technologies. In 2022, LyondellBasell was named to Fortune magazine’s list of the “World’s Most Admired Companies” for the fifth time in a row. More information about LyondellBasell can be found at

Basic Function

This position is part of the Systems and Platforms group reporting into the Global Operations department. The primary role of this position is to support project work by evaluating, installing, implementing, and supporting security applications for the infrastructure group.   This position will directly supervise junior resources, including performance evaluations and goal setting.  The position works closely with the other infrastructure groups (networks, perimeter security, and desktop), as well as, the application teams and information protection and compliance to secure the enterprise and develop, maintain, and advance the security posture of the company.  Managing and enhancing the effectiveness of current security applications including anti-virus, anti-spyware, intrusion prevention, SSL VPN and Internet content filtering.  Experience applying, changing, revoking and performing periodic review of end user access to all applications (financial & non-financial), file servers, Internet and VPN access, and Active Directory/Azure Active Directory are required.  Managing the implementation of corporate security policies, programs, and procedures to protect information systems’ assets from intentional or inadvertent modification, disclosure or destruction.  Providing reports to management regarding the effectiveness of network and data security, and making recommendations for the adoption of new policies, procedures and technologies as required.  Managing and coordinating compliance for required industry audits.  Improving LyondellBasell’s overall security defenses by continuously identifying new technology trends intended at detecting and eliminating internal and external vulnerabilities.  This position requires a broad range of knowledge across multiple IT disciplines.

Roles & Responsibilities

•    Supervise security foundation team members, assigning day to day tasks, performance reviews, goal setting, distribution of tickets, and assigning project resources.
•    Create and maintain LyondellBasell’s infrastructure security architecture design.
•    Overall enterprise responsibility for endpoint protection, including: anti-virus, anti-spyware, intrusion prevention, host DLP, and data encryption using McAfee ePolicy Orchestrator 5.10 and Microsoft 365 Defender.
•    Maintain and develop two factor authentication infrastructure leveraging RSA Secure ID.
•    Configure and maintain Azure Active Directory SSO configurations.
•    Oversee the deployment, integration and configuration of all new security solutions, and any enhancements made to existing security solutions, to improve overall enterprise security.
•    Develop and maintain the company’s infrastructure security documents (policies, standards, baselines, guidelines and procedures).
•    Determine appropriate levels of security controls and systems monitoring.
•    Use effective measures to respond to infrastructure security alerts.
•    Understand emerging security vulnerabilities and propose appropriate countermeasures.
•    Lead and assist in advanced troubleshooting of complex issues that cross multiple domains, applying core knowledge and troubleshooting to lead group to resolution.
•    Manage workstation policies to lockdown end-points without sacrificing user experience.
•    Work with members of the IT staff to realize enterprise approach to security.
•    Perform ticket queue monitoring and prioritization.
•    After-hours / weekend work as required.
•    Assist with IT audits to support SOX and ISO 27001 certifications.
•    Facilitate the authorship and maintenance of security technology configurations and standards.
•    Create system-level security architecture and design which includes definition of technical security controls (e.g., access control, authentication, encryption, deterrence measure, etc) and definition of non-technical security controls (e.g., process and procedure) necessary to achieve the security requirements and remediate audit finding.
•    Microsoft Active Directory experience (including Group Policy creation and use of AD for automated security hardening).

Min. Qualifications

•    4-year degree (or higher) required, preferred in information technology discipline and 10+ years’ experience with Microsoft infrastructure experience.
•    10+ experience with Microsoft server technologies 
•    7-10 years in an infrastructure security role
•    6-8 years Microsoft Active Directory administration and architecture  (including Group Policy creation and use of AD for automated security hardening) .
•    5-7 experience managing and deploying anti-virus architecture.  Including integration with virtual and highly consolidated systems.
•    5-7 years’ experience with techniques and tools used to secure/harden a server's operating system and applications running on the server.
•    CISSP or equivalent preferred
•    Experience with patch management systems for Microsoft based systems.
•    Experience with authentication systems including two factor and federated systems.
•    Experience with vulnerability assessment techniques.
•    Experience with SQL database scripting and database security concepts.
•    Experience with encryption, cryptography, public key infrastructure (PKI).
•    Experience with highly sensitive systems, such as internet facing servers and process control networks.
•    Hands on experience with advanced troubleshooting tools (e.g. Procmon, WireShark, etc.)
•    Hands on experience scripting in a Windows environment preferred.
•    2 to 7 years of relevant experience in a multi-platform and networked environment


Builds effective teams
Cultivates innovation
Customer focus
Demonstrates courage
Drives results
Ensures accountability
Instills trust and exemplifies integrity

We Offer

We offer an environment where we encourage personal and professional growth and where you will be rewarded for your performance and results. You will have the possibility to work with specialist on all fields to develop innovative solutions and to extend your international network. In addition, we offer you a competitive salary and benefits package.

The Company's Global Remote Work Policy allows eligible employees the option to work up to two days a week from home.

LyondellBasell is committed to advancing diversity, equity & inclusion (DEI) to ensure a positive experience for all employees.

Application & Contact

Please send us your resume via the application button

If you would like to learn more, please feel free to contact Martyna Piechowiak, Talent Acquisition Specialist at 

#LI-MP1  #LI-Hybrid

Apply now »