LyondellBasell

Chief Information Security Officer

LyondellBasell

full-time

Posted on:

Location Type: Office

Location: Rotterdam • 🇳🇱 Netherlands

Visit company website
AI Apply
Apply

Job Level

Lead

Tech Stack

CloudCyber Security

About the role

  • Develop and execute the enterprise cybersecurity strategy aligned with the IT roadmap and business priorities.
  • Act as the principal advisor to the CIO, Board, and executive leadership on cybersecurity risk, threat intelligence, and compliance posture.
  • Integrate security into IT projects, plant modernization, cloud migrations, and digital transformation initiatives.
  • Represent information security in IT governance forums and architecture councils.
  • Lead the internal GRC function responsible for cybersecurity policy, audit, and enterprise risk management.
  • Ensure compliance with key regulatory and industry standards.
  • Conduct regular risk assessments, coordinate internal and external audits, and report findings to the CIO and executive leadership.
  • Oversee the company’s MSP, ensuring effective monitoring, threat detection, and incident response.
  • Maintain clear SLAs, KPIs, and escalation procedures, and operational metrics for the MSP’s performance.
  • Lead coordination between IT, OT, and MSP teams during security incidents, ensuring business continuity and operational safety.
  • Ensure compliance of both IT and OT networks with corporate cybersecurity policies and secure configuration standards.
  • Partner with IT infrastructure, network, and operations teams to maintain secure architectures across corporate, cloud, and plant systems.
  • Collaborate with operations and engineering to implement cybersecurity controls for industrial control systems (ICS/OT), including network segmentation, access management, and patch governance.
  • Oversee data protection, encryption, and identity management initiatives across sites.
  • Manage cybersecurity due diligence and oversight for vendors, suppliers, and partners.
  • Collaborate with Procurement and Legal to integrate security requirements into contracts and service agreements.
  • Promote cybersecurity awareness and accountability across all levels of the organization.
  • Oversee employee training programs on phishing, safe system use, and industrial cyber-physical security.
  • Engage with plant leadership and EHS (Environment, Health, and Safety) teams to align cyber and physical safety programs.
  • Manage the information security budget in coordination with the CIO.
  • Lead and mentor a small, high-performing internal team focused on governance, compliance, and strategic risk management.

Requirements

  • Bachelor’s degree in Information Security, Computer Science, Engineering, or related discipline (Master’s preferred).
  • 10+ years of experience in information security or risk management, including at least 3–5 years in a senior leadership capacity.
  • Experience in manufacturing or critical infrastructure environments (chemical, energy, or industrial sectors strongly preferred).
  • Proven success managing outsourced security operations and internal compliance teams.
  • CISSP or CISA Certification is required.
  • ISO 27001 Lead Implementer/Auditor.
Benefits
  • We offer an environment where we encourage personal and professional growth and where you will be rewarded for your performance and results.
  • You will have the possibility to work with specialists on all fields to develop innovative solutions and to extend your national and international network.
  • In addition, we offer you a competitive salary package.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cybersecurity strategyrisk managementthreat intelligencecompliancerisk assessmentsdata protectionencryptionidentity managementnetwork segmentationpatch governance
Soft skills
leadershipadvisorycollaborationcommunicationmentoringtrainingaccountabilitycoordinationstrategic thinkingproblem-solving
Certifications
CISSPCISAISO 27001 Lead ImplementerISO 27001 Auditor