Local Information Security Officer

GENERAL JOB DESCRIPTION:• The internal organization and appointment of the LISOs will be determined by the local• organization in accordance with the corporate cybersecurity function. The local organization is• expected to have a scope of action covering all technological systems of the company, both in• the IT and OT domains. To achieve this, the local organization may need to integrate resources• from other areas such as maintenance, with the LISO being responsible for coordinating all these• local resources. The LISO must have a position within the organization that allows them to• influence all its areas.

ESSENTIAL JOB FUNCTIONS:• It is not expected that the LISO role be a mere executor of corporate guidelines, but• rather that it actively participates and contributes to global processes with its knowledge and• local business expertise.

• A summary of its main functions would be as follows:• Develop and maintain in depth understanding of business unit processes, systems,• technologies, data and third parties.• Act as the primary local Cybersecurity officer for all business stakeholders, representing the• cybersecurity organization locally• Ensure the local implementation of global processes and architectures• Participate in the definition of the global processes by contributing insights based on local• needs and requirements• Work with Corporate Cybersecurity SOC (Security Operations Center) to assist in effectively• driving incidents to acceptable resolution and assist with investigations as needed.• Provide escalation path for Cybersecurity issues, incidents, and inquiries.• Provide local reporting to be included in the global reporting to the governance bodies

• SUPPLEMENTAL JOB FUNCTIONS:• 1. Other duties as assigned• 2. Participation in relevant continuous improvement programs.

MINIMUM EDUCATION, SKILLS AND EXPERIENCE:Previous experience in cybersecurity, IT and/or OT roles Knowledge of cybersecurity best practices In-depth understanding of the company's local processes and operations Deep understanding of the local company's technological architecture. Communication and interpersonal skills. Ability to influence and communicate with variouslevels of the organizationPHYSICAL ABILITIES REQUIRED: Mobility in plant While performing the duties of (this job), the employee is regularly required to sit, stand,walk, etc. The employee is frequently required to make use of their hands for technical tasks The employee must occasionally lift and/or move up to 50 pounds Visual ability with or without correction Communication abilities

• HEALTH AND SAFETY:• 1. Work in compliance with the Occupational Health and Safety Act and regulations• 2. Follow Company safety rules• 3. Report the absence of or defect in any protective equipment or clothing to the Supervisor• or Manager immediately• 4. Use or wear the equipment, protective devices or clothing that is required to be used or• worn:• a. Safety shoes• b. Safety glasses• c. Hearing protection• d. Hard Hat• Some areas may require additional personal protective equipment such as:• e. Respirators; the respirator requires you to be clean shaven in order to comply with• company policies and procedures as well as OSHA Regulations.• f. Fire Retardant clothing• g. Acid PPE• 5. Report to the Safety Coordinator, Group Lead or Supervisor any contravention of the• Occupational Health and Safety Act and Regulations or Company policy• 6. Must follow all Lock out Tag out (LOTO) guidelines for designated machines• 7. Must follow all Environmental Policies and Regulations• 8. Maintain a clean and safe work area

• WORK ENVIRONMENT:• 1. Work in compliance with the Occupational Health and Safety Act and regulations• 2. Clean, well ventilated and safe work areas.

• HUMAN RESOURCES:• 1. Abiding by the Acerinox Code of Conduct• 2. Keeping oneself informed through your company email account• 3. Maintaining your Dynamic Policy Profile and all assigned learnings therein• 4. Abiding by all security procedures• 5. Must have strong written and verbal communication skills• 6. Must be able to learn, adapt, and retain information• 7. Must have strong attention to detail and problem-solving skills