Sr. Director, Cybersecurity Operations & Deputy CISO (13234) at Nouryon
Nouryon · Houston, United States Of America · Onsite
- Senior
- Office in Houston
Career Opportunities: Sr. Director, Cybersecurity Operations & Deputy CISO (13234)
Sr. Director, Cybersecurity Operations & Deputy CISO
At Nouryon, our global team of Changemakers takes positive action every day, to reach higher collectively and individually. We create innovative and sustainable solutions for our customers to answer society’s needs – today and in the future.
We are looking for team members who bring ideas forward, champion others and work together to do better. Does that sound like you?
In your future role as Sr. Director, Cybersecurity Operations & Deputy CISO, you will
The Deputy Chief Information Security Officer (Deputy CISO) is responsible for supporting the Chief Information Security Officer (CISO) in the development and implementation of the organization's cybersecurity strategy. This role is crucial for safeguarding the company's global Enterprise and Operational Technology (OT) Assets.
The Deputy CISO is accountable to help shape and execute the global cybersecurity strategy, ensuring alignment with corporate objectives and operational needs. This includes directing efforts to improve and mature existing capabilities as well as creating new capabilities across all cybersecurity domains. The Deputy CISO is an executive with multi-level leadership responsibilities, accountable to the CISO and, indirectly, the Cybersecurity Steering Committee. This is an operational Deputy CISO role with responsibilities across multiple functions, programs, projects, and initiatives that will change over time to provide exposure to all areas of the Nouryon Cybersecurity Program.
Cybersecurity Leadership:
Support the CISO in developing strategic objectives
Assess and recommend enhancements for all environments, programs, solutions, tools, and control areas
Develop and execute operations plans to action strategic objectives
Implement processes to formalize and mature cybersecurity functions
Support operating plan development to justify resource allocation and deliver value
Sync efforts with peer leaders throughout the company, to ensure security is adequately baked into every technical project and initiative
Cybersecurity Engineering & Architecture:
Define cybersecurity requirements that meet the needs of the company and align with the applicable policies, frameworks, and regulatory mandates
Select, procure, onboard, and maintain all cybersecurity tooling, aligned to best practices, meeting internal requirements, and adhering to resource limitations
Approve changes to technical environments, recommending and driving mitigations where needed to meet requirements
Assess cybersecurity risks according to the provided frameworks, quantifying scores and proposing treatment options
Assess IT and OT tools for cybersecurity alignment
Develop reference architectures and working with IT and OT technologists to ensure security requirements are sustained
Run improvement programs and projects across IT & OT
Cybersecurity Operations:
Assess, identify opportunities, propose improvements, and execute action plans to mature functions across all areas of attack surface management, including SOC, Threat Intelligence, and Vulnerability Management
Improve cybersecurity incident management, from incident detection to containment, eradication, and lessons learned—including real-world incidents with a wide range of attack vectors and technological complexities
Improve performance metrics
Formalize the domains of security operations, including work intake & technical processes
GRC:
Foster cybersecurity fusion across CISO Office functions
Develop policies, standards, plans, and playbooks that govern IT and OT security
Improve Risk Assessment and Risk Management
Ensure adherence with cybersecurity regulations throughout all regions and global operating theatres
Formalize the internal cybersecurity compliance program and external audit response
We believe you bring
Bachelor's degree or equivalent business experience in Computer Science, Business Management, etc.
Cybersecurity certifications such as CISSP, CISM, and SANS Certifications
Project management, program management, lean six sigma
Knowledge of NIST, ISO standards and frameworks like COBIT and ISO/IEC 27001 / 27002
20+ years of experience in cybersecurity, with demonstrable success in all of the following domains:
Cybersecurity engineering & architecture: OS hardening; engineering and sustaining cybersecurity solutions to deliver business value and manage risks at the right level; approving IT and OT technical changes from a cybersecurity perspective; supporting development of standards, procedures, and playbooks to establish cybersecurity requirements that meet the objectives set by cybersecurity policy.
Security Operations: operate and mature all SOC functions, including continuous monitoring, detection engineering, Security Information & Event Management (SIEM) solutions, threat hunting, and efforts to fuse vital cybersecurity functions; event/incident management.
All aspects of cloud security across multiple providers and environments, including SaaS, PaaS, and IaaS; DevSecOps; infrastructure as code, containers, cloud-specialized security solutions
Modern and emerging threats, such as those posed by AI, ML, and quantum computing
OT Cybersecurity
Highly regulated environments
Governance, Risk, and Compliance
Threat & Vulnerability Management
Identity & Access Management
Technical Cybersecurity Solutioning: requirements development, vendor selection, procurement, onboarding, technical implementation, support model creation, and all sustain efforts; cybersecurity controls design and implementation; building and executing vendor accountability mechanisms; executing proofs of concept; identifying needed improvements to manage emerging threats or evolving company dynamics; developing selection criteria
Business continuity
Application security
Cybersecurity leadership, from front line management through executive responsibilities
Global operations
Great if you have
Ability to manage and motivate team members
Self-motivated and drive for result
Training capabilities
Good communication, writing and listing skills with security team, suppliers, and colleagues at all levels in the organization
Demonstrate professionalism and integrity
Innovation and continuous improvement
We believe you are a team member who has
Leadership Skills:
Strong leadership skills, including first- and second-level management
Cross-functional leadership in matrixed teams
Budgetary skills
Technical Skills:
Knowledge of cybersecurity programs, solutions, threats, and controls
Familiarity with industry standards and frameworks such as ISO 27001, NIST, COBIT, etc.
In-depth understanding of IT infrastructure, operating systems, networking, architecture, and cloud Skilled at building relationships and gaining buy-in for security initiatives across all levels of the organization.
Proficient with MS Office, project management software, and GRC tools
Analytical Skills:
Strong ability to evaluate technologies and system configurations, assess and mitigate risk, and analyze complex security issues and provide realistic solutions
Communication Skills:
Excellent communication abilities, both written and verbal, to effectively explain complex cybersecurity concepts to various audiences, including technical and non-technical staff, management, and external stakeholders
Organizational Skills:
Ability to prioritize tasks, manage projects, and lead teams in a dynamic business environment
Interpersonal Skills:
Good to know
This is a permanent position on a full-time basis, reporting to the CISO Steve Applegate, who is located in Houston, TX - USA.
Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon.com/careers/how-we-hire/
We look forward to receiving your application!
We kindly ask our internal candidates to apply with your Nouryon email via Success Factors.
We encourage you as a valued Nouryon employee to share talents from your network to help us to bring in new Changemakers through our new Employee Referral Program! Bringing in new, skilled people with a great mindset is beneficial for both you and Nouryon. All info you need to make a referral is here. Join us in growing Nouryon!
About Nouryon
If you’re looking for your next career move, apply today and join Nouryon’s worldwide team of Changemakers in providing essential solutions that our customers use to manufacture everyday products such as personal care, cleaning, paints and coatings, agriculture and food, pharmaceuticals, and building products. Our employees are driven by the wish to make an impact and actively drive positive change. If that describes you, we will gladly make way for your ambitions. From day one we support you with your personal growth, through challenging positions and comprehensive learning and development opportunities, in a dynamic, international, diverse, and proactive working environment.
#WeAreNouryon #Changemakers
We have already chosen our sourcing channels for this recruitment and kindly ask not to be contacted by any advertisement agents, recruitment agencies or staffing companies.
Nouryon is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected under applicable federal, state, or local law
"
What can Nouryon offer you?
If you share our values and ambitions, we offer a fascinating international environment that rewards your skills and enthusiasm. Our employment package comprises a competitive salary and an attractive bonus scheme. Training opportunities and internal networks enable valuable personal and professional development. And through challenging projects you will help us become first choice for our customers, shareholders and employees, all over the world.
Application details
For further information on the recruitment process, please contact [[Recruiter name]], Recruiter. If you have questions on the role, please contact [[Hiring Manager]].
We welcome your online application via our website. Please use the apply button on this page.
A pre-employment screening may form part of the selection process.
"
Sr. Director, Cybersecurity Operations & Deputy CISO
At Nouryon, our global team of Changemakers takes positive action every day, to reach higher collectively and individually. We create innovative and sustainable solutions for our customers to answer society’s needs – today and in the future.
We are looking for team members who bring ideas forward, champion others and work together to do better. Does that sound like you?
In your future role as Sr. Director, Cybersecurity Operations & Deputy CISO, you will
The Deputy Chief Information Security Officer (Deputy CISO) is responsible for supporting the Chief Information Security Officer (CISO) in the development and implementation of the organization's cybersecurity strategy. This role is crucial for safeguarding the company's global Enterprise and Operational Technology (OT) Assets.
The Deputy CISO is accountable to help shape and execute the global cybersecurity strategy, ensuring alignment with corporate objectives and operational needs. This includes directing efforts to improve and mature existing capabilities as well as creating new capabilities across all cybersecurity domains. The Deputy CISO is an executive with multi-level leadership responsibilities, accountable to the CISO and, indirectly, the Cybersecurity Steering Committee. This is an operational Deputy CISO role with responsibilities across multiple functions, programs, projects, and initiatives that will change over time to provide exposure to all areas of the Nouryon Cybersecurity Program.
Cybersecurity Leadership:
Support the CISO in developing strategic objectives
Assess and recommend enhancements for all environments, programs, solutions, tools, and control areas
Develop and execute operations plans to action strategic objectives
Implement processes to formalize and mature cybersecurity functions
Support operating plan development to justify resource allocation and deliver value
Sync efforts with peer leaders throughout the company, to ensure security is adequately baked into every technical project and initiative
Cybersecurity Engineering & Architecture:
Define cybersecurity requirements that meet the needs of the company and align with the applicable policies, frameworks, and regulatory mandates
Select, procure, onboard, and maintain all cybersecurity tooling, aligned to best practices, meeting internal requirements, and adhering to resource limitations
Approve changes to technical environments, recommending and driving mitigations where needed to meet requirements
Assess cybersecurity risks according to the provided frameworks, quantifying scores and proposing treatment options
Assess IT and OT tools for cybersecurity alignment
Develop reference architectures and working with IT and OT technologists to ensure security requirements are sustained
Run improvement programs and projects across IT & OT
Cybersecurity Operations:
Assess, identify opportunities, propose improvements, and execute action plans to mature functions across all areas of attack surface management, including SOC, Threat Intelligence, and Vulnerability Management
Improve cybersecurity incident management, from incident detection to containment, eradication, and lessons learned—including real-world incidents with a wide range of attack vectors and technological complexities
Improve performance metrics
Formalize the domains of security operations, including work intake & technical processes
GRC:
Foster cybersecurity fusion across CISO Office functions
Develop policies, standards, plans, and playbooks that govern IT and OT security
Improve Risk Assessment and Risk Management
Ensure adherence with cybersecurity regulations throughout all regions and global operating theatres
Formalize the internal cybersecurity compliance program and external audit response
We believe you bring
Bachelor's degree or equivalent business experience in Computer Science, Business Management, etc.
Cybersecurity certifications such as CISSP, CISM, and SANS Certifications
Project management, program management, lean six sigma
Knowledge of NIST, ISO standards and frameworks like COBIT and ISO/IEC 27001 / 27002
20+ years of experience in cybersecurity, with demonstrable success in all of the following domains:
Cybersecurity engineering & architecture: OS hardening; engineering and sustaining cybersecurity solutions to deliver business value and manage risks at the right level; approving IT and OT technical changes from a cybersecurity perspective; supporting development of standards, procedures, and playbooks to establish cybersecurity requirements that meet the objectives set by cybersecurity policy.
Security Operations: operate and mature all SOC functions, including continuous monitoring, detection engineering, Security Information & Event Management (SIEM) solutions, threat hunting, and efforts to fuse vital cybersecurity functions; event/incident management.
All aspects of cloud security across multiple providers and environments, including SaaS, PaaS, and IaaS; DevSecOps; infrastructure as code, containers, cloud-specialized security solutions
Modern and emerging threats, such as those posed by AI, ML, and quantum computing
OT Cybersecurity
Highly regulated environments
Governance, Risk, and Compliance
Threat & Vulnerability Management
Identity & Access Management
Technical Cybersecurity Solutioning: requirements development, vendor selection, procurement, onboarding, technical implementation, support model creation, and all sustain efforts; cybersecurity controls design and implementation; building and executing vendor accountability mechanisms; executing proofs of concept; identifying needed improvements to manage emerging threats or evolving company dynamics; developing selection criteria
Business continuity
Application security
Cybersecurity leadership, from front line management through executive responsibilities
Global operations
Great if you have
Ability to manage and motivate team members
Self-motivated and drive for result
Training capabilities
Good communication, writing and listing skills with security team, suppliers, and colleagues at all levels in the organization
Demonstrate professionalism and integrity
Innovation and continuous improvement
We believe you are a team member who has
Leadership Skills:
Strong leadership skills, including first- and second-level management
Cross-functional leadership in matrixed teams
Budgetary skills
Technical Skills:
Knowledge of cybersecurity programs, solutions, threats, and controls
Familiarity with industry standards and frameworks such as ISO 27001, NIST, COBIT, etc.
In-depth understanding of IT infrastructure, operating systems, networking, architecture, and cloud Skilled at building relationships and gaining buy-in for security initiatives across all levels of the organization.
Proficient with MS Office, project management software, and GRC tools
Analytical Skills:
Strong ability to evaluate technologies and system configurations, assess and mitigate risk, and analyze complex security issues and provide realistic solutions
Communication Skills:
Excellent communication abilities, both written and verbal, to effectively explain complex cybersecurity concepts to various audiences, including technical and non-technical staff, management, and external stakeholders
Organizational Skills:
Ability to prioritize tasks, manage projects, and lead teams in a dynamic business environment
Interpersonal Skills:
Good to know
This is a permanent position on a full-time basis, reporting to the CISO Steve Applegate, who is located in Houston, TX - USA.
Please apply via our online recruitment system. We will not accept applications via e-mail. Once it's with us we will review to see if we have a match between your skills and the role! For more information about our hiring process, visit: nouryon.com/careers/how-we-hire/
We look forward to receiving your application!
We kindly ask our internal candidates to apply with your Nouryon email via Success Factors.
We encourage you as a valued Nouryon employee to share talents from your network to help us to bring in new Changemakers through our new Employee Referral Program! Bringing in new, skilled people with a great mindset is beneficial for both you and Nouryon. All info you need to make a referral is here. Join us in growing Nouryon!
About Nouryon
If you’re looking for your next career move, apply today and join Nouryon’s worldwide team of Changemakers in providing essential solutions that our customers use to manufacture everyday products such as personal care, cleaning, paints and coatings, agriculture and food, pharmaceuticals, and building products. Our employees are driven by the wish to make an impact and actively drive positive change. If that describes you, we will gladly make way for your ambitions. From day one we support you with your personal growth, through challenging positions and comprehensive learning and development opportunities, in a dynamic, international, diverse, and proactive working environment.
#WeAreNouryon #Changemakers
We have already chosen our sourcing channels for this recruitment and kindly ask not to be contacted by any advertisement agents, recruitment agencies or staffing companies.
Nouryon is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, veteran status, or any other characteristic protected under applicable federal, state, or local law
"
What can Nouryon offer you?
If you share our values and ambitions, we offer a fascinating international environment that rewards your skills and enthusiasm. Our employment package comprises a competitive salary and an attractive bonus scheme. Training opportunities and internal networks enable valuable personal and professional development. And through challenging projects you will help us become first choice for our customers, shareholders and employees, all over the world.
Application details
For further information on the recruitment process, please contact [[Recruiter name]], Recruiter. If you have questions on the role, please contact [[Hiring Manager]].
We welcome your online application via our website. Please use the apply button on this page.
A pre-employment screening may form part of the selection process.
"
Sr. Director, Cybersecurity Operations & Deputy CISO
At Nouryon, our global team of Changemakers takes positive action every day, to reach higher collectively and individually. We create innovative and sustainable solutions for our customers to answer society’s needs – today and in the future.
We are looking for team members who bring ideas forward, champion others and work together to do better. Does that sound like you?
In your future role as Sr. Director, Cybersecurity Operations & Deputy CISO, you will
The Deputy Chief Information Security Officer (Deputy CISO) is responsible for supporting the Chief Information Security Officer (CISO) in the development and implementation of the organization's cybersecurity strategy. This role is crucial for safeguarding the company's global Enterprise and Operational Technology (OT) Assets.
The Deputy CISO is accountable to help shape and execute the global cybersecurity strategy, ensuring alignment with corporate objectives and operational needs. This includes directing efforts to improve and mature existing capabilities as well as creating new capabilities across all cybersecurity domains. The Deputy CISO is an executive with multi-level leadership responsibilities, accountable to the CISO and, indirectly, the Cybersecurity Steering Committee. This is an operational Deputy CISO role with responsibilities across multiple functions, programs, projects, and initiatives that will change over time to provide exposure to all areas of the Nouryon Cybersecurity Program.
Cybersecurity Leadership:
Support the CISO in developing strategic objectives
Assess and recommend enhancements for all environments, programs, solutions, tools, and control areas
Develop and execute operations plans to action strategic objectives
Implement processes to formalize and mature cybersecurity functions
Support operating plan development to justify resource allocation and deliver value
Sync efforts with peer leaders throughout the company, to ensure security is adequately baked into every technical project and initiative
Cybersecurity Engineering & Architecture:
Define cybersecurity requirements that meet the needs of the company and align with the applicable policies, frameworks, and regulatory mandates
Select, procure, onboard, and maintain all cybersecurity tooling, aligned to best practices, meeting internal requirements, and adhering to resource limitations
Approve changes to technical environments, recommending and driving mitigations where needed to meet requirements
Assess cybersecurity risks according to the provided frameworks, quantifying scores and proposing treatment options
Assess IT and OT tools for cybersecurity alignment
Develop reference architectures and working with IT and OT technologists to ensure security requirements are sustained
Run improvement programs and projects across IT & OT
Cybersecurity Operations:
Assess, identify opportunities, propose improvements, and execute action plans to mature functions across all areas of attack surface management, including SOC, Threat Intelligence, and Vulnerability Management
Improve cybersecurity incident management, from incident detection to containment, eradication, and lessons learned—including real-world incidents with a wide range of attack vectors and technological complexities
Improve performance metrics
Formalize the domains of security operations, including work intake & technical processes
GRC:
Foster cybersecurity fusion across CISO Office functions
Develop policies, standards, plans, and playbooks that govern IT and OT security
Improve Risk Assessment and Risk Management
Ensure adherence with cybersecurity regulations throughout all regions and global operating theatres
Formalize the internal cybersecurity compliance program and external audit response
We believe you bring
Bachelor's degree or equivalent business experience in Computer Science, Business Management, etc.
Cybersecurity certifications such as CISSP, CISM, and SANS Certifications
Project management, program management, lean six sigma
Knowledge of NIST, ISO standards and frameworks like COBIT and ISO/IEC 27001 / 27002
20+ years of experience in cybersecurity, with demonstrable success in all of the following domains:
Cybersecurity engineering & architecture: OS hardening; engineering and sustaining cybersecurity solutions to deliver business value and manage risks at the right level; approving IT and OT technical changes from a cybersecurity perspective; supporting development of standards, procedures, and playbooks to establish cybersecurity requirements that meet the objectives set by cybersecurity policy.
Security Operations: operate and mature all SOC functions, including continuous monitoring, detection engineering, Security Information & Event Management (SIEM) solutions, threat hunting, and efforts to fuse vital cybersecurity functions; event/incident management.
All aspects of cloud security across multiple providers and environments, including SaaS, PaaS, and IaaS; DevSecOps; infrastructure as code, containers, cloud-specialized security solutions
Modern and emerging threats, such as those posed by AI, ML, and quantum computing
OT Cybersecurity
Highly regulated environments
Governance, Risk, and Compliance
Threat & Vulnerability Management
Identity & Access Management
Technical Cybersecurity Solutioning: requirements development, vendor selection, procurement, onboarding, technical implementation, support model creation, and all sustain efforts; cybersecurity controls design and implementation; building and executing vendor accountability mechanisms; executing proofs of concept; identifying needed improvements to manage emerging threats or evolving company dynamics; developing selection criteria
Business continuity
Application security
Cybersecurity leadership, from front line management through executive responsibilities
Global operations
Great if you have
Ability to manage and motivate team members
Self-motivated and drive for result
Training capabilities
Good communication, writing and listing skills with security team, suppliers, and colleagues at all levels in the organization
Demonstrate professionalism and integrity
Innovation and continuous improvement
We believe you are a team member who has
Leadership Skills:
Strong leadership skills, including first- and second-level management
Cross-functional leadership in matrixed teams
Additional benefits