Specialist, Governance, Risk and Compliance
Date: Oct 27, 2024
Location: Sant Just Desvern, B, ES, 08960
City: Barcelona
Country: Spain (ES)
Requisition Number: 36712
Bunge has an exciting opportunity available for Specialist, Governance, Risk and Compliance. In this role you will be part of a global team working on challenging, meaningful projects impacting core business activities. Since 1818, Bunge has been connecting farmers to consumers to deliver essential food, feed, and fuel to the world. Looking to the future, our ambition is to continuously reinvent ourselves, leveraging data to be at the forefront of analytics, technology and talent to accomplish our purpose in a better, faster and simpler way. Bunge is committed to operating and thriving in the digital world – creating world-class agile teams where teammates are empowered and encouraged to collaborate and test and learn to succeed.
At Bunge, people don’t just come here to work, they come here to grow – solving challenges that directly impact the world with a diverse team of thinkers and doers. Bunge offers a strong compensation and benefits package, generous paid time off program, flexible work arrangements, and opportunity to progress. Our hybrid work environment provides a balance of in-office and remote work.
Overview
The Specialist, Governance, Risk and Compliance demonstrates a high level of professionalism, prioritizing the effective management of cybersecurity governance, risk, and compliance activities. This role will perform, and continuously improve the governance of policies and standards and their integration into processes and controls designed to deliver critical BT services and aligned with applicable industry best practices and standards (e.g., NIST, ISO, COBIT, PCI DSS).
Essential Functions
* Serve as liaison to coordinate Governance, Risk, and Compliance activities with key stakeholders to enable effective Cybersecurity policies and standards, exceptions management, enablement and training, and the alignment against applicable industry best practices (e.g. NIST, ISO, COBIT, PCI DSS) as needed.
* Implement and perform periodic internal control testing procedures and maturity assessments to evaluate the operating effectiveness of BT and Cybersecurity internal controls and related capabilities.
* Define and identify control gaps, provide recommendations for control process improvements, and support control owners’ corrective action plans for remediation.
* Implement and perform compliance and controls assurance processes and procedures to mitigate risks and ensure adherence to regulatory requirements.
* Conduct risk assessments, internal audits, and investigations to identify and address potential compliance issues.
* Develop content for comprehensive cybersecurity awareness programs and initiatives to educate employees and stakeholders about cybersecurity risks and best practices.
* Effectively utilize process automation and reporting through Bunge’s Governance, Risk and Compliance (GRC) automation.
* Actively collaborate and support partner functions across Bunge’s Governance, Risk and Compliance functions, and with stakeholders throughout BT and Cybersecurity.
* Recognized as an expert, both internally & external to Bunge in the design, performance and continuous improvement of governance, risk and compliance related services and capabilities.
* Supports BT compliance with legal and regulatory requirements and adherence to internal control objectives, minimizing BT and Cybersecurity risk & avoiding potential penalties to the organization.
* Works closely with business units to identify and address compliance gaps, helping to protect the company from financial, legal, and reputational risks.
* Supports the evaluation, prioritization, registration, monitoring, and mitigation of risks and compliance and control deficiencies through collaboration with various functions within BT and across various Bunge business stakeholder groups (e.g., Internal Audit, Legal, Compliance, Privacy).
* Provides valuable insights and recommendations to enhance the compliance framework and promote a culture of compliance throughout the organization.
* Leverage industry experience and knowledge of applicable best practices, frameworks, and guidance to define effective programs, monitor and strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge’s BT and Cybersecurity internal control environment.
* Ability to work independently and as part of a cross-functional team.
Qualifications
* Bachelor's degree in computer science or information systems, risk management, accounting, finance, or equivalent combination of education and work experience.
* 7+ years of experience in compliance and controls assurance, internal audit, or a related field.
* Extensive knowledge of Sarbanes-Oxley compliance required.
* Knowledge of Payment Card Industry (PCI) compliance, GDPR (General Data Protection Regulation) compliance or other applicable compliance programs preferred.
* Demonstrated experience in the monitoring and improvement of Information Technology general controls, Cybersecurity controls, and/or compliance programs required.
* Solid understanding of Governance, Risk and Compliance methodologies and effective automation through GRC tooling. Experience with Archer GRC preferred.
* Proven experience implementing Information Technology and Cybersecurity frameworks required. Possible examples include, but not limited to: COBIT, NIST CSF, ISO 27k.
* Certifications such as CIA, CISA, CGEIT, CISSP preferred.
* Ability to manage and execute numerous parallel activities in a fast-paced, dynamic environment.
* Ability to build and maintain constructive and collaborative working relationships with a diverse community throughout the organization.
* Ability to effectively communicate in both written and verbal manner to influence both technical and non-technical audiences at all levels of the company including executives.
* Excellent analytical and problem-solving skills.
Bunge is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, transgender status, national origin, citizenship, age, disability or military or veteran status, or any other legally protected status.
#J-18808-Ljbffr