Share this Job
Apply now »

Business Information Security Officer (m/f/d)

Company Name:  Basell Polyolefine GmbH

Wesseling, Nrth Rhine Westfalia, DE, 50389

Req ID:  74550
Facility:  Wesseling-501
Department:  Business Systems Security EU
Division:  Global Business Services

LyondellBasell is one of the largest plastics, chemicals and refining companies in the world. Every day our employees of LyondellBasell work around the clock to reliably and safely deliver the plastics, chemicals, materials, fuels and technologies that advance solutions to our world´s biggest challenges. Found in nearly every sector of the economy, the products and materials produced by LyondellBasell are key to advancing solutions. With a nearly 70-year legacy of game-changing innovation, LyondellBasell is the world´s largest licensor of polyolefin and polypropylene technologies and sells products into approximately 100 countries.

For our largest European production site in Wesseling/Knapsack near Cologne, we are looking for a


Business Information Security Officer (BISO) (m/f/d)


Basic Function 

The BISO will provide tactical direction to the regional and local sites. This role is a hands-on role that will ensure the subject matter expertise, and processes for the effective execution of global cybersecurity program, support the computing systems of site’s business and process control systems to coordinate changes and provide security and to ensure optimum integrity, confidentiality, reliability, and availability.  The role acts as the main local point of contact with the business and manufacturing in supporting the center led business systems security in the region.  This role will be a security evangelist and drive company-wide focus to prevent, detect and remediate cyber security threats. 


Roles & Responsibilities 

  • Oversee the operation of regional and local preventative systems and business / manufacturing computing systems (firewall, versions, patches, protection, certificate management, etc.) 
  • Ensure that all regional sites’ networks and systems comply with corporate standards; communicate threats appropriately 
  • Coordinate IT and manufacturing changes, etc. with site management 
  • Participate in Level 2 monitoring, support, and SVA (site vulnerability assessments) 
  • Assist in Operational Excellence assessment support and facilitate forensics investigations 
  • Support project design and implementation 
  • Ensure effective regional security awareness program implementation 
  • Effectively facilitate center-led (located on-site or regional) support model; security responsibilities for site’s manufacturing computing equipment 
  • Assist in setting technical direction and strategy for ICS systems architecture and security
  • Support the management, planning and execution of budget activities 
  • Improve overall cyber resilience to the next level of maturity and effectiveness 
  • Regularly analyze LyondellBasell’s intrusion resistance and lead efforts to improve it through automation, integration, and aggregation. 
  • Provide information protection expertise to IT operational teams to ensure systems are properly protected and monitored by design. 
  • Evangelize security within LyondellBasell and drive changes needed to response to emerging threats 
  • Profile new and emerging threats to the IT landscape 
  • Serve as a member to the event response team, providing mentoring to other team members as needed, while performing Level 2 support. 
  • Contribute ideas to the future state technology roadmap ensuring effective investments are made to enable scale, quality, and maintenance and overall cost effectiveness. 
  • Understand security vulnerability management and the process 
  • Be able to conduct vulnerability assessments for the IT infrastructure 


Min. Qualifications 

  • Bachelor’s degree in an appropriate field, or equivalent professional experience 
  • Minimum of ten (10) years of experience in information security, information technology (IT), or operational technology (OT)  
  • Experience developing and refining risk based, defense-in-depth security architectures based on established frameworks such as NIST or ISO 
  • Exceptional communication and advocacy skills, both verbal and written, with the ability to express complex and technical issues in clear and concise language 
  • Ability to collaborate and communicate effectively with both business-oriented and technology-oriented personnel 
  • Working knowledge of plant ICS systems (i.e. Modbus, OPC communications, Aspentech, PAS, Honeywell, DeltaV etc.) 
  • Working knowledge of one or more of these technologies: Microsoft Windows, Active Directory, domain architecture & management, group policies, network topology and components, antivirus, SQL server, and database management 


Preferred Qualifications 

  • Practical knowledge of different message distribution techniques to ensure end user’s understand and apply the behavioral changes necessary to reduce the ‘human factors’ risk 
  • Detailed understanding of manufacturing and business systems  
  • Ability to work with minimal supervision with demonstrated mentoring skills 
  • Ability to travel as required, up to 10% 
  • Experience with security incident and event analytics and monitoring technology including regular maintenance and tuning, correlation rules, filters, lists, views, and reports 
  • CISSP, CCNA, or other security recognition desirable 
  • Intercultural competence 


What do we offer

We offer you a job with a high level of diverse tasks and responsibilities in an international company that highly values the development of its employees, quality and safety. You get the freedom to take a range of responsibilities in a rapidly evolving environment. In addition, we offer you a competitive salary package and challenging opportunities for growth.


Would you like to apply? Just send us your motivation and resume via the application button.


Apply now »