LyondellBasell

Basic Function

The IT GRC Senior Analyst will be responsible for providing both tactical and strategic leadership in the enhancement of the IT organization's governance, risk and compliance program. The IT GRC Senior Analyst will work closely with the Information Technology, Global Centers of Excellence, Procurement and Operational Technology groups ensuring conformity with our Information, Communication, and Technology (ICT) Standard and related policies. This role will provide guidance and support initiatives leading to the adoption and execution of new and existing IT operational and information protection requirements. Applicant will serve as a consultant to process owners, providing expertise with respect to risks and controls, analyzing the impact of process changes on the control structure, managing components of global processes, performing various risk based assessments, and bringing forth opportunities to better the business and influence decisions regarding IT governance, compliance and cybersecurity.

Roles & Responsibilities

• Lead the development, implementation, and maintenance of an effective information protection governance and risk management program to support current and future needs.
• Enhance and maintain LYB's IT risk assessment program to evaluate IT compliance and operational risks that require follow-up, investigations, or risk management strategies.
• Continually improve LYB's information security management system within the context of the ISO 27001 standard. Support annual ISO 27001 and other external audits.
• Serve as IT policy and standards subject matter expert reviewing policies and standards against emerging threats, legislative and regulatory changes, and customer expectations ensuring information protection priorities are considered throughout the portfolio.
• Coordinate the annual review of IT policies and standards, processes, controls, disaster recovery plans and business continuity plans, working with the "owners" to make revisions and updates (as needed).
• Serve as a consultant to process owners, providing expertise with respect to risks and controls, analyzing the impact of process changes on the control structure, evaluating compliance requirements for industry or regulatory mandates and driving solutions to process owner barriers.
• Champion and maintain group's role in third party risk management as it relates specifically to information protection/cybersecurity, performing third party risk assessments, documenting findings and managing continuous monitoring.
• Manage the company's risk management, governance and compliance systems and/or tools in regard to the areas of information security, policy, compliance, and risk management.
• Participate in annual IT disaster recovery and Cybersecurity business continuity planning, training and testing initiatives.
• Support the creation, generation, monitoring and reporting of GRC program and individual performance metrics and KPIs.
• Other duties as assigned.

Min. Qualifications

• Bachelor's degree in computer science, information systems, business administration, or related field
• 5+ years of practical experience in IT Compliance, Governance Management, IT Audit, Third Party Risk Management, and/or IT Disaster Recovery.
• Three to five years of experience related to process design and improvement as well as mapping of control frameworks to regulatory/industry standards such as ISO, COBIT, COSO, and NIST guidelines.
• Technical skills & knowledge
  • Strong competency with SOX, COBIT, ITIL, ISO 27002 policy frameworks and compliance
  • Developing and maintaining global standards
  • Performing risk assessments
• Strong communication and interpersonal skills
• Detailed oriented and proficient in written and oral communications
• Ability to work efficiently and independently with minimal supervision or guidance.
• Proficiency to give and receive feedback to peers and subordinates appropriately. Mentor on IT-related processes and business drivers
• Problem-solving, negotiation and decision-making skills to influence management, as well as internal and external partners
• Intercultural competence

Preferred Qualifications

• CISSP, QSA, CISA or other security recognition desirable
• Working knowledge of an ERP system (e.g. SAP) desirable

#LI-SS1

#LI-Hybrid

Competencies

Builds effective teams

Collaborates

Cultivates innovation

Customer focus

Demonstrates courage

Drives results

Ensures accountability

Instills trust and exemplifies integrity

LyondellBasell (NYSE: LYB) is one of the largest plastics, chemicals and refining companies in the world. Driven by its employees around the globe, LyondellBasell produces materials and products that are key to advancing solutions to modern challenges like enhancing food safety through lightweight and flexible packaging, protecting the purity of water supplies through stronger and more versatile pipes, improving the safety, comfort and fuel efficiency of many of the cars and trucks on the road, and ensuring the safe and effective functionality in electronics and appliances. LyondellBasell sells products into more than 100 countries and is the world's largest producer of polypropylene compounds and the largest licensor of polyolefin technologies. In 2022, LyondellBasell was named to Fortune Magazine's list of the "World's Most Admired Companies" for the fifth consecutive year.

We have the potential - and responsibility - to use this scale and reach to make a positive impact across our value chains. That's why we are working to make meaningful progress to address some of the world's most pressing challenges such as reducing plastic waste in the environment, helping to mitigate climate change and contributing to a thriving society for our employees, the communities where we operate and the people who depend on our products. To learn more, click here.

Must be at least 18 years of age and must be legally authorized to work in the United States (US) on a permanent basis without visa sponsorship.

LyondellBasell does not accept or retain unsolicited resumes or phone calls and/or respond to them or to any third party representing job seekers.

LyondellBasell is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, age, veteran status, and other protected characteristics. The US EEO is the Law poster is available here.

Nearest Major Market: Houston