Chief Information Security Officer

LyondellBasellis a leader in the global chemical industry creating solutions for everyday sustainable living. With a nearly 70-yearlegacy that includes a Nobel Prize in Chemistry and our proprietaryMoReTecrecycling technology, LYB is enabling a more sustainable future for generations to come. LYB develops high-quality and innovative products for applications ranging from sustainable transportation and food safety to clean water and quality healthcare. LYB places high priority on diversity, equity and inclusion and is Advancing Good with an emphasis on our planet, the communities where we operate and our future workforce. We'readdressing the global challenges of ending plastic waste, taking climate action, and supporting a thriving society, while generating value for our customers, investors, and society. Announcement In June 2025, LYB announced entering into an agreement and exclusive negotiations for the sale of four olefins & polyolefins sites and the associated business in Europe. The sites to be sold are located in Berre (France), Münchsmünster (Germany), Carrington (UK), and Tarragona (Spain). The sites together represent a scaled olefins and polyolefins platform strategically located in proximity to a longstanding customer base and with access and connectivity to key infrastructure. Are you ready? From the start,the new company will be ascaledleader in European Olefins & Polyolefins. Powered by strategicallylocatedassets, a diverse product portfolio, and operational excellence, it aims to transform the business, fostering an agile, entrepreneurial culturewherefast decision-making and hands-on collaboration drive transformation and growth. This is the role The Chief Information Security Officer (CISO) is responsible for defining, implementing, and managing the company’s information and operational technology (OT) security strategy and roadmap, aligning with enterprise IT and business objectives. Reporting to the Chief Information Officer (CIO), the CISO leads a hybrid security model that leverages a Managed Security Provider (MSP) for security operations and an internal Governance, Risk, and Compliance (GRC) team for policy, audit, and risk oversight. This role is critical for protecting intellectual property, systems, and data, ensuring that the organization’s cybersecurity posture supports both safe manufacturing operations and business growth while enabling innovation across IT and OT environments. Key Responsibilities Develop and execute the enterprise cybersecurity strategy aligned with the IT roadmap and business priorities. Act as the principal advisor to the CIO, Board, and executive leadership on cybersecurity risk, threat intelligence, and compliance posture. Integrate security into IT projects, plant modernization, cloud migrations, and digital transformation initiatives. Represent information security in IT governance forums and architecture councils. Lead the internal GRC function responsible for cybersecurity policy, audit, and enterprise risk management. Ensure compliance with key regulatory and industry standards. Conduct regular risk assessments, coordinate internal and external audits, and report findings to the CIO and executive leadership. Oversee the company’s MSP, ensuring effective monitoring, threat detection, and incident response. Maintain clear SLAs, KPIs, and escalation procedures, and operational metrics for the MSP’s performance. Lead coordination between IT, OT, and MSP teams during security incidents, ensuring business continuity and operational safety. Ensure compliance of both IT and OT networks with corporate cybersecurity policies and secure configuration standards. Partner with IT infrastructure, network, and operations teams to maintain secure architectures across corporate, cloud, and plant systems. Collaborate with operations and engineering to implement cybersecurity controls for industrial control systems (ICS / OT), including network segmentation, access management, and patch governance. Oversee data protection, encryption, and identity management initiatives across sites. Manage cybersecurity due diligence and oversight for vendors, suppliers, and partners. Collaborate with Procurement and Legal to integrate security requirements into contracts and service agreements. Promote cybersecurity awareness and accountability across all levels of the organization. Oversee employee training programs on phishing, safe system use, and industrial cyber-physical security. Engage with plant leadership and EHS (Environment, Health, and Safety) teams to align cyber and physical safety programs. Manage the information security budget in coordination with the CIO. Lead and mentor a small, high-performing internal team focused on governance, compliance, and strategic risk management. This is who you are To be successful in this role, you must recognize yourself in the following profile : The role requires deep expertise in cybersecurity across both IT and OT environments, combined with strong vendor management and MSP oversight capabilities. It demands excellent communication, leadership, and influencing skills to bridge technical and business functions, along with a strategic mindset to convert risk into actionable priorities. Success is measured by reducing enterprise and OT security risks, ensuring MSP performance meets SLAs, and achieving compliance with audits and regulations. Additional metrics include effective security integration in IT / OT projects and fostering employee awareness and adherence to policies. Candidates will be assessed on the following LYB competencies : Build Partnerships Deliver Results Drive Innovation Grow Capabilities Promote Inclusion This is a pivotal leadership role for a seasoned security executive who thrives in collaboration with IT and operations. As CISO, you’ll shape a unified cybersecurity vision that protects critical manufacturing systems, drives regulatory compliance, and enables the digital transformation of a global chemical business. This is what you bring Bachelor’s degree in Information Security, Computer Science, Engineering, or related discipline (Master’s preferred). 10+ years of experience in information security or risk management, including at least 3–5 years in a senior leadership capacity. Experience in manufacturing or critical infrastructure environments (chemical, energy, or industrial sectors strongly preferred). Proven success managing outsourced security operations and internal compliance teams. CISSP or CISA Certification is required. ISO 27001 Lead Implementer / Auditor. This is what we offer We offer an environment where we encourage personal and professional growth and where you will be rewarded for your performance and results. You will have the possibility to work with specialist on all fields to develop innovative solutions and to extend your national and international network. In addition, we offer you a competitive salary package. Interested? The recruitment process consists of an initial phone screening and business interviews before proceeding to a possible job offer. A background check will be3 part of the process as well. LyondellBasell does not accept or retain unsolicited resumes or phone calls and / or respond to them or to any third party representing job seekers. Privacy Statement : For information regarding how LyondellBasell processes your personal data, please read our Stay Connected Visit our LYB Like us on Subscribe to our channel #J-18808-Ljbffr