Sr. Analyst, Governance, Risk and Compliance
Bunge has an exciting opportunity available for Sr. Analyst, Governance, Risk and Compliance. In this role you will be part of a global team working on challenging, meaningful projects impacting core business activities. Since 1818, Bunge has been connecting farmers to consumers to deliver essential food, feed, and fuel to the world. Looking to the future, our ambition is to continuously reinvent ourselves, leveraging data to be at the forefront of analytics, technology and talent to accomplish our purpose in a better, faster and simpler way. Bunge is committed to operating and thriving in the digital world – creating world class agile teams where teammates are empowered and encouraged to collaborate and test and learn to succeed.
At Bunge, people don’t just come here to work, they come here to grow – solving challenges that directly impact the world with a diverse team of thinkers and doers. Bunge offers a strong compensation and benefits package, generous paid time off program, flexible work arrangements, and opportunity to progress. Our hybrid work environment provides a balance of in-office and remote work.
Most importantly, in all we do we live our values:
* Act as One Team by fostering inclusion, collaboration, and respect
* Drive for Excellence by being agile, innovative and efficient
* Do What's Right by acting safely, ethically, and sustainably
Overview
The Sr. Analyst, Governance, Risk and Compliance demonstrates a high level of professionalism, prioritizing the effective management of cybersecurity governance, risk, and compliance activities. This role will perform, and continuously improve the governance of policies and standards and their integration into processes and controls designed to deliver critical BT services and aligned with applicable industry best practices and standards (e.g., NIST, ISO, COBIT, PCI DSS). This role will perform, and continuously improve Risk Management assessments, risk registration, prioritized risk remediation, third party and application evaluations, and will maintain the risk register in Bunge’s Governance, Risk and Compliance automation to support the overall effectiveness of the BT organization.
Essential Functions
* Actively engage in Governance, Risk, and Compliance activities with key stakeholders to enable effective Cybersecurity policies and standards, exceptions management, enablement and training, and the alignment against applicable industry best practices (e.g. NIST, ISO, COBIT, PCI DSS) as needed. Facilitate effective audits, compliance reviews, and other internal control-based activities for the Business Technology (BT) organization. Ensure proper engagement, effective root cause analysis, and the development of meaningful and sustainable management action plans.
* Implement and perform periodic internal control testing procedures and maturity assessments to evaluate the operating effectiveness of BT and Cybersecurity internal controls and related capabilities.
* Define and identify control gaps, provide recommendations for control process improvements, and support control owners’ corrective action plans for remediation.
* Implement and perform compliance and controls assurance processes and procedures to mitigate risks and ensure adherence to regulatory requirements.
* Conduct risk assessments, internal audits, and investigations to identify and address potential compliance issues.
* Develop content for comprehensive cybersecurity awareness programs and initiatives to educate employees and stakeholders about cybersecurity risks and best practices.
* Effectively utilize process automation and reporting through Bunge’s Governance, Risk and Compliance (GRC) automation.
* Actively collaborate and support partner functions across Bunge’s Governance, Risk and Compliance functions, and with stakeholders throughout BT and Cybersecurity.
* Executes operational and supports the implementation of strategic initiatives driven by the department, including collaboration with partner Governance, Risk and Compliance functions.
* Recognized as an expert within Bunge in the performance and continuous improvement of governance, risk and compliance related services and capabilities.
* Supports BT compliance with legal and regulatory requirements and adherence to internal control objectives, minimizing BT and Cybersecurity risk & avoiding potential penalties to the organization.
* Works closely with business units to identify and address compliance gaps, helping to protect the company from financial, legal, and reputational risks.
* Supports the evaluation, prioritization, registration, monitoring, and mitigation of risks and compliance and control deficiencies through collaboration with various functions within BT and across various Bunge business stakeholder groups (e.g., Internal Audit, Legal, Compliance, Privacy).
* Provides valuable insights and recommendations to enhance the compliance framework and promote a culture of compliance throughout the organization.
* Leverage industry experience and knowledge of applicable best practices, frameworks, and guidance to define effective programs, monitor and strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge’s BT and Cybersecurity internal control environment.
* Solve highly complex problems that require significant investigation and advanced application of expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including longstanding or unprecedented improvements without a historical precedent.
Qualifications
* Bachelor's degree in computer science or information systems, risk management, accounting, finance, or equivalent combination of education and work experience.
* 5+ years of experience in compliance and controls assurance, internal audit, or a related field.
* Prior experience in Sarbanes-Oxley compliance required.
* Knowledge of Payment Card Industry (PCI) compliance, GDPR (General Data Protection Regulation) compliance or other applicable compliance programs preferred.
* Demonstrated experience in the monitoring and improvement of Information Technology general controls, Cybersecurity controls, and/or compliance programs required.
* Solid understanding of Governance, Risk and Compliance methodologies and effective automation through GRC tooling. Experience with Archer GRC preferred.
* Proven experience working with Information Technology and Cybersecurity frameworks required. Possible examples include, but not limited to: COBIT, NIST CSF, ISO 27k.
* Certifications such as CIA, CISA, CGEIT, CISSP preferred.
* Ability to manage and execute parallel activities in a fast-paced, dynamic environment.
* Ability to build and maintain constructive and collaborative working relationships with a diverse community throughout the organization.
* Ability to effectively communicate in both written and verbal manner to influence both technical and non-technical audiences at all levels of the company including executives.
* Excellent analytical and problem-solving skills.
* Recognized as an expert in internal controls, effective demonstration of compliance, and applicable remediation and mitigation techniques within the organization.
* Leverage a deliberate proactive approach to the assurance and continuous improvement of BT and Cybersecurity internal controls, staying informed of emerging industry trends and techniques and changes in regulations to ensure continuous compliance.
* Leverage industry experience and knowledge of applicable best practices (e.g., COBIT, NIST CSF, ISO 27k) frameworks, and guidance to establish effective governance, strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge’s BT and Cybersecurity programs.
* Apply expertise to determine root cause, to advise key stakeholders on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk, across various functional areas of Business Technology and Cybersecurity, including the remediation of longstanding risks and deficiencies.
* Ability to work independently and as part of a cross functional team.
* Demonstrates a company ownership mindset, thinking beyond boundaries of their own area.
* Actively contribute to large global projects that include governance, risk and compliance related capabilities and scope to ensure adherence to applicable policies, assurance of control performance, and the achievement of team and program goals.
* Ability to work with limited direct management to participate in governance, risk, and compliance related efforts, improve practices, coordinate cross functional activities and to successfully deliver strategic outcomes.
* Demonstrate an ability to balance the appropriate performance of a control and proper mitigation of risk with the realization of critical business capabilities, working within time, technology, capacity, and budget constraints, and leverage this when working with process and control owners.
* Effectively utilize process automation and reporting through Bunge’s Governance, Risk and Compliance (GRC) automation.
#J-18808-Ljbffr