Specialist, Cyber Security, Assurance & Compliance

Chemistry that Matters™ 

A career at SABIC provides you with an opportunity to leave a lasting positive impact to the world and yourself. From excellent health and well-being benefits to our comprehensive learning programs. We offer a wide range of benefits and offerings that recognize that our people have unique motivations and ambitions. It’s all about matching what matters to you with what matters to us. Let’s explore what matters!

As one of the world’s largest diversified chemical companies, we activate the power of human capital to address society’s future challenges. Through partnerships, we enable life-saving medical innovations and help fight world hunger. We are driving the circular economy for the benefit of communities and our planet through sustainability initiatives, such as our TRUCIRCLE™ portfolio.  Today, the company serves customers in more than 140 countries with a global workforce of close to 29,000 talented individuals.  Our values – Inspire, Engage, Create, and Deliver – are the foundation of our success. To learn more about these and how we strive to Be the Impact, click  here: www.sabic.com/en/careers/benefits-that-matter/career-matters/SABIC-Leadership-Way

Our purpose is "Chemistry that Matters". This is what drives us to do what we do. "Chemistry" goes beyond applying science and technology to enhance the supply of essential materials to the world. It is how we work, to build long-lasting relationships of trust. “What Matters” is making a meaningful impact for the world – through the customers and communities we collaborate with, so that we succeed and grow together.

It is all about matching what matters to you with what matters to us. We are mindful about the importance of the team we are building and how our team members impact to our culture.   We believe that good ideas come from anywhere, being inclusive to diverse perspectives is stimulating, encourages innovation and is critical to our mission. Let us explore this together!

For an overview of our benefits here at SABIC, please visit: www.yoursabicbenefits.com

Job Summary

The cybersecurity assurance and compliance role provides independent measurement and reporting of the organization's cybersecurity compliance in alignment with corporate cybersecurity polices and standards, as well as with external regulations and compliance frameworks.  The goal is to ensure the implementation, operations, and effective delivery of cybersecurity controls to meet policy and operational expectations.  The role coordinates with the cybersecurity architect to ensure all IT and OT assets, services, and operations are compliance with internal policies, and with external regulators to ensure compliance to legal and contractual obligations.  The role is responsible to perform continuous assessment, capturing gaps and communicating them to the risk team, who will log them in the risk register and track them to closure.

 Job Responsibilities

• Coordinate with external regulatory bodies and industry groups to capture requirements that ensure adherence to regulatory requirements.
• Coordinate with the cybersecurity architecture role to capture requirements and ensure adherence to internal policies and standards.
• Coordinate with Legal and Procurement teams to capture contractual requirements we have committed to others.
• Coordinate with Legal and Procurement teams to capture contractual requirements others have committed to us.
• Manage regulatory mappings for all geographies of business operations to understand which regulations are applicable, including when and where.
• Establish and maintain a compliance and assessment program aligned to the company's selected frameworks and methodologies.
• Manage and maintain a periodic assurance testing cycle based upon business criticality, regulatory exposure, and business risk.
• Develop and maintain evidence requirements and quality standards needed to prove cybersecurity compliance and assurance.
• Develop, implement, maintain, and operate processes to collect evidence, assess evidence, and report on cybersecurity compliance and control effectiveness.
• Coordinate with stakeholders to report compliance and effectiveness gaps, and follow-up through closure to ensure active progress on addressing gaps.
• Manage and maintain a register of assurance findings, coordinating with business stakeholders to identify and complete corrective actions and plans.
• Independently validate remediation of all findings prior to formal closure.nal services for provisioning and deprovisioning of all identities.
• Prepare and execute internal and external audits.
• Provide evidence governance for audits, regulators, customers, and contractual attestations.
• Coordinate internal/eternal audit remediation tracking.
• Govern, enable, manage, and maintain operational services for access management, including privileged access, just-in-time access, and supporting controls such as multi-factor.
• Coordinate with cybersecurity risk function to ensure any assurance/compliance gaps are captured as cybersecurity risks where relevant.
• Develop and/or procure training and awareness material in regard to internal and external cybersecurity compliance.
• Conduct training sessions to promote compliance awareness within the organization.
• Identify key areas to test and report on compliance and awareness.
• Act as a focal point on major IT and OT projects where high assurance is required per policies and standards, to define assurance controls and criteria to be implemented by the project.
• Design, implement, and execute assurance control testing and validation programs.
• Identify external assessment needs, such as penetration testing, red team testing, ... and establish contracts, services, and relationships as needed to have such tests conducted, integrating results as part of the overall assurance and assessment program.
• Interface with regulators and ensure all cybersecurity reporting obligations are met.
• Leverage assessment results to drive feedback into strategic and operational teams to enhance control effectiveness.
• Implement improvement processes to reduce compliance, audit, and assessment findings over time.

Job Requirements

• BS or MA in computer science, information security, cybersecurity or a related field
• 7+ years It audit, cybersecurity assurance, or other compliance roles.
• Experience with regulatory environments
• Control testing and audit execution
• Working with external auditors and regulators
• Strong knowledge of cyber security framework and controls
• Audit & Testing
• Regulatory & Compliance knowledge
• Risk assessment
• Vendor assurance
• Analytical and Risk-based decision making
• Communication and Influence
• Planning and Organizing
• Personal leadership

Eligibility Requirements (Regional Specific)

• You must submit your application for employment online to be considered. Please submit your resume using the “Apply Now/Apply” option on this page.
• You must be 18 years or older
• Applicants must be currently authorized to work for SABIC in the United States on a full-time basis.

Work Availability

Regular, predictable attendance is an essential function of this position. Applicants must be regularly available and willing to work (e.g. Monday – Friday)] during assigned hours of operation and such other hours as the company determines are necessary or desirable to meet business needs

We are proud to be a diverse and an equal opportunity employer .We are fully committed to a culture of respect and inclusion.