Vulnerability Mgmt Lead

Vulnerability Mgmt Lead Location:  Poznań, PL, 61-569 Req ID:  89724 Facility:  POZNAN-6731 Department:  Security Engineering Division:  Innovation LyondellBasell is a leader in the global chemical industry creating solutions for everyday sustainable living. With a nearly 70-year legacy that includes a Nobel Prize in Chemistry and our proprietary MoReTec recycling technology, LYB is enabling a more sustainable future for generations to come.  LYB develops high-quality and innovative products for applications ranging from sustainable transportation and food safety to clean water and quality healthcare. LYB places high priority on diversity, equity and inclusion and is Advancing Good with an emphasis on our planet, the communities where we operate and our future workforce. We're addressing the global challenges of ending plastic waste, taking climate action, and supporting a thriving society, while generating value for our customers, investors, and society. Come Join an Inclusive Team This role will design and maintain cybersecurity vulnerability management tools.  This will include operational, analytic, and forensic tools, as well as their supporting processes, policies, and controls.  You will architect and maintain the tools used uniquely in the organization that support detective, discovery, and investigative Cybersecurity services.  You will perform threat analysis, risk assessments, and system configuration analysis among other duties to ensure that architecture adequately validates the organizational security posture, new solutions are secured by design, and legacy systems are adequately protected.   The successful candidate will have experience with multiple platforms and programming languages, and a passion to learn the specialized vulnerability assessment tools and processes.  This role, reporting to the leader of Secure Architecture and working closely with other members of Cybersecurity, Digital Technology, and others, will directly contribute to the global enterprise architecture and provide appropriate security solutions. A Day in the Life Conduct active penetration testing to identify vulnerabilities Identify and evaluate escalated vulnerabilities and drive the normalization, correlation, and integration of internal and subscription-threat intelligence sources. Analyze the organization's cyber defense procedures and configurations, and evaluates compliance with regulations and organizational directives Create and maintain detailed information security roadmaps, architectures, and programs to significantly improve the overall security posture of the organization Develop, implement, and assess cybersecurity policies, standards, and guidelines to help internal customers design and implement secure solutions Conduct periodic architectural reviews to assess effectiveness and propose optimal alternatives; audit and review effectiveness of existing controls Provide technical support and in-depth analysis for escalated security issues and vulnerabilities Perform technical evaluations, security analysis, and risk assessments Design and develop security solutions and processes consistent with business goals and risk tolerance Maintain in-depth knowledge of security trends, threats, and tools Recognize and appropriately manage confidential and sensitive information You Bring This Value A Bachelor of Science degree in Cybersecurity, Computer Science, or a related technical discipline and typically 6-10 years of progressive experience. Knowledge of advanced cyber threats, threat intelligence, and adversary methods Demonstrated experience architecting complex systems related to cybersecurity tools Excellent written and verbal communication skills with the ability to articulate both technical and abstract concepts in a clear and concise manner Excellent interpersonal skills and ability to create collaborative relationships Preferred Qualifications: Certified Information Systems Security Professional (CISSP), Security+, CCNA Security, or equivalent certification Working knowledge of the NIST Cybersecurity, MITRE ATT&CK, and ISO frameworks Experience configuring and using Tenable, layer 7 firewalls, and other validation and continuous control assessment tools Experience with Splunk, Microsoft MCAS, vulnerability scanning, and source code scanning tools Experience implementing a vulnerability management program Competencies Build Partnerships Drive Innovation Grow Capabilities Promote Inclusion Motivational Fit Technical Skills Deliver Results