Specialist, Governance, Risk and Compliance

Specialist, Governance, Risk and ComplianceDate: Sep 28, 2024Location: Sant Just Desvern, B, ES, 08960City: BarcelonaCountry: Spain (ES)Requisition Number: 36712Bunge has an exciting opportunity available for Specialist, Governance, Risk and Compliance. In this role you will be part of a global team working on challenging, meaningful projects impacting core business activities. Since 1818, Bunge has been connecting farmers to consumers to deliver essential food, feed, and fuel to the world. Looking to the future, our ambition is to continuously reinvent ourselves, leveraging data to be at the forefront of analytics, technology and talent to accomplish our purpose in a better, faster and simpler way. Bunge is committed to operating and thriving in the digital world – creating world-class agile teams where teammates are empowered and encouraged to collaborate and test and learn to succeed.Most importantly, in all we do we live our values:Act as One Team by fostering inclusion, collaboration, and respectDrive for Excellence by being agile, innovative and efficientDo What's Right by acting safely, ethically, and sustainablyOverviewThe Specialist, Governance, Risk and Compliance demonstrates a high level of professionalism, prioritizing the effective management of cybersecurity governance, risk, and compliance activities. This role will perform, and continuously improve the governance of policies and standards and their integration into processes and controls designed to deliver critical BT services and aligned with applicable industry best practices and standards (e.g., NIST, ISO, COBIT, PCI DSS).Essential FunctionsServe as liaison to coordinate Governance, Risk, and Compliance activities with key stakeholders to enable effective Cybersecurity policies and standards, exceptions management, enablement and training, and the alignment against applicable industry best practices (e.g. NIST, ISO, COBIT, PCI DSS) as needed.Implement and perform periodic internal control testing procedures and maturity assessments to evaluate the operating effectiveness of BT and Cybersecurity internal controls and related capabilities.Define and identify control gaps, provide recommendations for control process improvements, and support control owners’ corrective action plans for remediation.Implement and perform compliance and controls assurance processes and procedures to mitigate risks and ensure adherence to regulatory requirements.Conduct risk assessments, internal audits, and investigations to identify and address potential compliance issues.Develop content for comprehensive cybersecurity awareness programs and initiatives to educate employees and stakeholders about cybersecurity risks and best practices.Effectively utilize process automation and reporting through Bunge’s Governance, Risk and Compliance (GRC) automation.Actively collaborate and support partner functions across Bunge’s Governance, Risk and Compliance functions, and with stakeholders throughout BT and Cybersecurity.Executes short to mid-term strategic initiatives driven by the department, including collaboration with partner Governance, Risk and Compliance functions.Recognized as an expert, both internally & external to Bunge in the design, performance and continuous improvement of governance, risk and compliance related services and capabilities.Supports BT compliance with legal and regulatory requirements and adherence to internal control objectives, minimizing BT and Cybersecurity risk & avoiding potential penalties to the organization.Works closely with business units to identify and address compliance gaps, helping to protect the company from financial, legal, and reputational risks.Supports the evaluation, prioritization, registration, monitoring, and mitigation of risks and compliance and control deficiencies through collaboration with various functions within BT and across various Bunge business stakeholder groups (e.g., Internal Audit, Legal, Compliance, Privacy).Provides valuable insights and recommendations to enhance the compliance framework and promote a culture of compliance throughout the organization.Leverage industry experience and knowledge of applicable best practices, frameworks, and guidance to define effective programs, monitor and strengthen internal controls, risk-prioritize requisite remediation, and to improve the overall posture of Bunge’s BT and Cybersecurity internal control environment.Solve highly complex, multidimensional problems that require extensive investigation and advanced application of expertise to determine root cause, to advise leadership on appropriate remediation methods, and to mitigate or remediate internal controls to an acceptable level of residual risk.Leverage both a measured reactive and a deliberate proactive approach to the assurance and continuous improvement of BT and Cybersecurity internal controls, staying informed of emerging industry trends and techniques and changes in regulations to ensure continuous compliance.Effectively partner with colleagues within Bunge’s Governance, Risk and Compliance function, across BT and Cybersecurity, and with various business stakeholders to ensure the adequacy and sufficiency of internal controls and supporting capabilities.Actively contribute to large global projects that include governance, risk and compliance related capabilities and scope to ensure adherence to applicable policies, assurance of control performance, and the achievement of team and program goals.Partner with critical stakeholders during audits, risk assessments, compliance reviews, and other internal control-based activities to ensure proper engagement, effective root cause analysis, and the development of meaningful and sustainable management action plans.Supports the remediation of compliance and control deficiencies through collaboration with various functions within BT and across various Bunge business stakeholder groups (e.g., Internal Audit, Legal, Compliance, Privacy).Educate BT leadership and functional areas about design adequacy, operating effectiveness, and techniques to ensure continuous compliance and improvement.QualificationsBachelor's degree in computer science or information systems, risk management, accounting, finance, or equivalent combination of education and work experience.7+ years of experience in compliance and controls assurance, internal audit, or a related field.Extensive knowledge of Sarbanes-Oxley compliance required.Knowledge of Payment Card Industry (PCI) compliance, GDPR (General Data Protection Regulation) compliance or other applicable compliance programs preferred.Demonstrated experience in the monitoring and improvement of Information Technology general controls, Cybersecurity controls, and/or compliance programs required.Solid understanding of Governance, Risk and Compliance methodologies and effective automation through GRC tooling. Experience with Archer GRC preferred.Proven experience implementing Information Technology and Cybersecurity frameworks required. Possible examples include, but not limited to: COBIT, NIST CSF, ISO 27k.Certifications such as CIA, CISA, CGEIT, CISSP preferred.Ability to manage and execute numerous parallel activities in a fast-paced, dynamic environment.Ability to build and maintain constructive and collaborative working relationships with a diverse community throughout the organization.Ability to effectively communicate in both written and verbal manner to influence both technical and non-technical audiences at all levels of the company including executives.Excellent analytical and problem-solving skills.Ability to work independently and as part of a cross-functional team.Bunge is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, transgender status, national origin, citizenship, age, disability or military or veteran status, or any other legally protected status.
#J-18808-Ljbffr