Sr Specialist Information Security

Celanese is a global leader in chemistry, producing specialty material solutions used across most major industries and consumer applications. Our businesses use our chemistry, technology and commercial expertise to create value for our customers, employees and shareholders. We are committed to sustainability by responsibly managing the materials we create for their entire lifecycle and are growing our portfolio of sustainable products to meet increasing customer and societal demand. We strive to make a positive impact in our communities and to foster inclusivity across our teams. Celanese is a Fortune 500 company that employs approximately 12,400 employees worldwide with 2023 net sales of $10.9 billion.

The Technology Risk Analyst is responsible for supporting both Information Technology and Information Security in all aspects of end-to-end technology/information security risk assessments. This opportunity allows for risk to be assessed across a broad spectrum of targets (e.g., applications, systems, technical environment, business processes) to help secure Celanese’s information assets in both).  You will lead and execute in-depth risk assessments, monitoring compliance, investigate and quantify strategic, operational and regulatory risks that span the organization’s technology footprint. This will require attention to detail to uncover risks and their impact to the organization.

Key Duties and Responsibilities:

• Participates in the application of operational risk policies, technology and tools, and governance processes to create lasting solutions for minimizing losses from failed internal processes, inadequate controls, and emerging risks.
• Conduct risk assessments to anticipate, identify, evaluate complex data to mitigate risk to Celanese’s digital maturity and information security posture. Document risks and drive key remediation and effective migration efforts by building and engaging cross-functional relationships with stakeholders.
• Effectively manage issues, track remediations, interface with the business; represent management’s views when communicating risk-related concerns related to technology products and services.
• Liaise and provide security risk guidance for IT projects, including the evaluation and recommendation of technical controls to ensure alignment between security and technology implementation practices.
• Problem solving: ability to effectively seek ways to resolve issues in a streamlined approach while acknowledging inherent complexities.
• Develop and report on Key Risk Indicators (KRI’s) and Key Performance Indicators (KPI’s) and make recommendations for changes or improvements, balancing business needs with risk assessment.
• Proactively manages Celanese’s Third Party Risk Management outsourced service via the Managed Service Provider (MSP).

Qualifications:

What YOU will bring to the team

• Typically has 5-8 years of experience in; internal risk management cybersecurity, Governance, Risk and Compliance (GRC), Internal Technology Audit, Information Security Assurance and(or) strong audit/technical evaluation experience with various types of systems, networks and cloud technology.
• Excellent verbal and written communication skills • Customer focused with excellent Interpersonal skills and ability to work well in a team environment collaborating across diverse groups.
• Demonstrated understanding of operational technology risk and gap identification.
• Ability to multi-task and manage multiple objectives simultaneously
• Ability to present a compelling case to influence others where appropriate

• Undergraduate degree in Computer Science or information technology-related field or equivalent combination of training and experience required.