Security Engineer

About Lubrizol  
The Lubrizol Corporation, a Berkshire Hathaway company, is a specialty chemical company whose science delivers sustainable solutions to advance mobility, improve wellbeing and enhance modern life. Founded in 1928, Lubrizol owns and operates more than 100 manufacturing facilities, sales, and technical offices around the world and has about 8,000 employees. For more information, visit www.Lubrizol.com.  

We value diversity in professional backgrounds and life experiences. By enabling a consistent, unbiased, and transparent recruitment process, Lubrizol seeks to create a positive experience for candidates so we can get to know them at their best. We recognise unique work and life situations and offer flexibility, ensuring our employees feel engaged and fulfilled in every aspect of life. 

Summary of the Role:   

The Security Engineer at Lubrizol plays a crucial role in enhancing the company's cybersecurity posture on a global scale. Their primary responsibility is to implement robust security protocols, policies, and procedures to safeguard Lubrizol's systems and data. This includes deploying and maintaining cutting-edge information security tools and systems to support ongoing security operations.

In addition to these responsibilities, the Security Engineer conducts comprehensive vulnerability assessments, penetration testing, and risk assessments. These activities help identify and prioritize potential security risks, allowing the engineer to develop effective mitigation strategies. Furthermore, they perform technical security audits and assessments to ensure compliance with relevant regulations, industry best practices, and organizational policies.

Collaboration with cross-functional teams is a key aspect of the Security Engineer's role. They work closely with various teams to incorporate security requirements into system and network design, ensuring that security measures are integrated from the ground up.

To stay ahead of emerging threats, technologies, and industry trends, the Security Engineer remains up-to-date with the latest developments in the cybersecurity landscape. This knowledge enables them to provide valuable recommendations for enhancing security measures at Lubrizol.

Responsibilities / Accountabilities:  

• Strengthening Lubrizol's global cybersecurity posture by implementing robust security protocols, policies, and procedures to safeguard the company's systems and data.
• Playing a pivotal role in the development, deployment, and maintenance of information security tools and systems that directly contribute to enhancing Lubrizol's overall cybersecurity operations.
• Conducting comprehensive vulnerability assessments, penetration testing, and risk assessments to proactively identify and prioritize potential security risks and vulnerabilities, thereby fortifying Lubrizol's defenses.
• Ensuring compliance with applicable regulations, industry best practices, and organizational security policies through meticulous technical security audits and assessments, bolstering Lubrizol's adherence to robust security standards.
• Collaborating closely with cross-functional teams to seamlessly integrate security requirements into system and network design, development, and implementation processes, thereby embedding security at every level.
• Keeping abreast of the latest security threats, technologies, and industry trends to provide valuable recommendations for continuously improving Lubrizol's security posture on a global scale.
• Undertaking other information security activities as needed to further enhance Lubrizol's cybersecurity resilience.
• Other Information Security activities as needed.

Skills That Make a Difference:

• Demonstrated effectiveness in working independently, setting priorities, and efficiently completing tasks to meet the organization's needs, thereby making a global impact on Lubrizol's cybersecurity posture.
• Ability to build strong relationships and collaborate effectively in a matrix-driven, global environment, fostering a culture of teamwork and cooperation that enhances Lubrizol's cybersecurity capabilities worldwide.
• Sound decision-making skills, coupled with proactive and creative problem-solving abilities, enabling strategic thinking that contributes to the continuous improvement of Lubrizol's global cybersecurity defence.
• Strong IT process discipline and critical thinking skills, ensuring a systematic and analytical approach to cybersecurity, resulting in robust protection for Lubrizol's systems and data on a global scale.
• Excellent interpersonal skills that facilitate effective communication and collaboration with local users, global colleagues, and leadership, enabling seamless coordination and alignment of cybersecurity efforts across the organization.
• Ability to drive clear accountability and set expectations, driving a culture of responsibility and ownership that strengthens Lubrizol's global cybersecurity posture.
• Strong written and verbal communication skills, essential for effectively conveying information to local users, global colleagues, and leadership, thereby facilitating informed decision-making and promoting a unified approach to cybersecurity.
• Proficiency in developing assessment plans for new technologies and processes, even in the absence of previous guidance or templates, demonstrating adaptability and resourcefulness in addressing emerging cybersecurity challenges on a global scale.
• Aptitude for quickly learning and understanding new legal or regulatory standards, and applying a practical approach to implementing those standards, ensuring Lubrizol's compliance with global cybersecurity regulations and enhancing the company's reputation as a trusted global leader in cybersecurity.

Experience :

• A minimum of 1 years of experience in the field of cybersecurity or a related role, demonstrating a strong understanding of cybersecurity principles, practices, and technologies. This experience should include:
• Implementing security protocols, policies, and procedures to protect systems and data, showcasing the ability to make a tangible impact on an organization's cybersecurity posture.
• Hands-on experience in deploying and maintaining information security tools and systems, ensuring the effective support of security operations.
• Conducting vulnerability assessments, penetration testing, and risk assessments to identify and prioritize security risks and vulnerabilities.
• Performing technical security audits and assessments to ensure compliance with regulations, best practices, and organizational policies.
• Collaborating with cross-functional teams to incorporate security requirements into system and network design, development, and implementation processes.
• Staying updated on security threats, technologies, and industry trends, enabling the provision of recommendations for enhancing security measures.
• Working with compliance frameworks such as NIST, PCI, SOX, ISO, GDPR, etc., ensuring adherence to relevant regulations and standards.
• Demonstrating strong analytical and problem-solving skills, with the ability to think strategically and proactively address cybersecurity challenges.
• Possessing excellent written and verbal communication skills, with the ability to effectively communicate with stakeholders at all levels of the organization.
• Proficiency in Public Key Infrastructure (PKI) and multifactor authentication, providing robust authentication mechanisms to safeguard access to sensitive information.
• Understanding of SAML and/or oAuth, authentication, authorization, and accounting protocols, facilitating secure and seamless access to various systems and applications.

The following qualifications are considered a plus for the Security Engineer role:

• Understanding of Manufacturing DCS/PLC/SCADA Systems, providing knowledge of the unique security considerations and challenges associated with industrial control systems.
• Familiarity with SAP ERP S4/Hana, enabling the implementation of effective security measures within the SAP environment.
• Understanding of Cloud Technologies, including knowledge of cloud security best practices and the ability to secure cloud-based systems and data.
• Strong business acumen, allowing for a comprehensive understanding of Lubrizol's business operations and the ability to align cybersecurity strategies with organizational goals and objectives.

Ready for your next career step? Apply today and let's shape the future together!

It’s an exciting time to be part of Lubrizol. Lubrizol is not staying put. We are continually learning and evolving. Our passion delivers our success — not only for Lubrizol but for those who count on us every day: our employees, customers and communities.

We work with a relentless commitment to operate safely and responsibly, keeping safety, sustainability, ethics, and compliance at the forefront of everything we do. The well-being of our employees, customers and communities is paramount to our culture and in the way we approach our work.

As a diverse, global team, we work together to solve some of the world’s most pressing challenges. We impact everyday lives through science only Lubrizol can deliver, and we never stop pushing to do it better.

One of the founding principles of The Lubrizol Corporation more than 90 years ago was treating every employee with dignity and respect. That same commitment is only stronger today. 

More than that, we are committed to providing an environment where every employee can be the best they can be, no matter their ethnic origin, religion, sex, national origin, sexual orientation, gender identity, disability or any other characteristic.