Information Security Analyst / LISO

At Repsol, we are committed to equality and do not request personal information.

We believe that diversity contributes to innovative ideas and provides added value that enables us to benefit from mutual learning and perform our best work. Here, what counts is your experience and your ability to create value. We offer you the opportunity to grow professionally, develop your career with challenging projects and collaborate with talented people worldwide. As a company committed to diversity and inclusion, we encourage all professionals who meet the job description requirements to apply.

We are seeking an experienced Local Information Security Officer (LISO) specialist to ensure that the company assets are secure and in alignment with Repsol and countries’ policies and regulations.

As LISO, this position is responsible to extend and evolve cybersecurity in NA through the analysis, evaluation, application, and supervision of physical, technical, legal, and procedural measures that locally affect the protection of information, the means or systems that contain it, and the people who manage it.

This includes LISO services and equipment in the US, for all USA Businesses and all field locations.

Responsibilities:

• Support and remediate SOC vulnerabilities as required. 

• Provide necessary support for internal or external audits related to information security. 

• Ensure compliance with relevant laws, regulations, and standards (e.g., GDPR, HIPAA). 

• Identify and assess security risks and implement mitigation strategies. 

• Develop and enforce security policies and procedures to protect information assets. 

• Conduct security training and awareness programs for employees. 

• Monitor security systems and generate reports on security status and incidents. 

• Lead the response to security incidents, including investigation and remediation. 

• Liaise with Field Operational Technology (OT) teams and IT global teams to align cyber security standards and policies. 

• Be involved in all initiatives (IT or business) that affect OT networks and ensure correct compliance with the measures defined by Cybersecurity in all of them. 

• Document and keep updated any cybersecurity diagrams, changes, and local policies related to the role. 

• Create, maintain, and implement documentation for Disaster Response, Disaster Recovery, and Business Continuity. 

• Lead Disaster Recovery (DRP) and/or Business Continuity (BC) exercises intended for certifications, testing or audit purposes. 

• Lead the support team in ensuring business continuity and resolving issues during a disaster (from a security perspective). 

• Develop and implement information security awareness training and education programs across the USA. 

• Collaborate with business management, cybersecurity and ITD to improve local security measures. 

• Regularly scheduled meetings are held with the compliance and legal teams to review policies, address ongoing issues, and ensure alignment with regulatory requirements.

Qualifications:

• Bachelor’s in computer science, computer security, information systems degree or any IT related degree

• Experience: Minimum of 5 years of proof experience as IT Security Analyst, Cyber security, or IT Local Information Security role.

• Experience with Operational Technology (OT) / Scada network perimeter and DMZ.  

• Strong technical background with specific knowledge and proof experience in servers and/or networking (as relevant to security).  

• Preferred certifications include CISSP, CISM, CISA, CEH or Security+.  

• CIP Compliance Certification – Focuses on Critical Infrastructure Protection (CIP) standards is a plus for this position

Additional Qualifications:

• Strong written and verbal communication skills.  

• Teamwork, strong interpersonal and leadership skills.  

• Attitude of continuous process improvement.  

• Self-motivated, able to work productively with little supervision to manage workflow.  

• Ability to self-start and manage multiple projects, priorities, and deadlines in a fast-paced multi-changing environment.  

• Willingness and ability to continually learn and share knowledge with others.  

• Persistence in problem-solving and ability to evaluate, determine, and present best solutions.  

• Organizational skills and robust documentation practices.  

• Willingness and ability to back up others on the team in a variety of roles; willing to do whatever duties and assigned as businesses needs evolve.  

• Strong organizational, time management capabilities.  

• Spanish is an asset but not required.  

• Must be able to lift up to 50 pounds of computers or other IT equipment.  

Repsol is an Equal Opportunity Employer M/F/Disability/Veteran

#LI-KT1

Required skills: