GRC Lead

Arxada is a global leader in innovative solutions that protect our world. Our groundbreaking technologies, in-depth regulatory know-how, manufacturing and process development help our customers to safeguard nutrition, health and infrastructure efficiently through chemistry and biotechnology that enhance sustainability. We offer a broad portfolio of ingredients and services for multiple end-markets that include Human Health & Nutrition, Home & Personal Care, Professional Hygiene, Paints & Coatings and Wood Protection.

With customers in more than 100 countries, the company achieved sales of CHF 2 billion in 2024. Headquartered in Basel (Switzerland), Arxada employs 3,200 associates across 24 production sites and 14 R&D centers, all committed to our customers' success.

Arxada is seeking an Information Security GRC Lead that will own global SAP Authorization, Risk Management. The role requires deep knowledge and experience in risk management, information security governance, risk, and compliance, and process development.

Essential Job Functions:

• Information security controls are defined, documented, and aligned with adopted frameworks, policies, and compliance requirements;
• Security risks are identified, tracked, and managed.
• Adopted internal controls are regularly monitored for effectiveness and compliance with the goal of continuous process improvement.
• Drives and manages the technical delivery of SAP GRC and authorization solutions within the SAP environments to meet new business requirements, audit readiness, and protection from both internal and external threats.
• Manages the external SAP authorization team (service provider).
• Works closely with Internal Audit, Business, SAP Functional support and Basis teams in implementing GRC Access Controls.
• Works closely with the internal control team and internal IT Application team members to manage new authorization requests and troubleshoot issues and implement appropriate solutions.
• Works with business and project teams to troubleshoot issues with authorization objects and identify and implement appropriate solutions.
• Establishes, document, and ensure adherence to SAP security policies and procedures.
• Performs routine user access and entitlement reviews, including identification of segregation of duties conflicts.
• Performs enterprise risk assessments, report results to management, and establish/leverage formal risk tracking and acceptance processes.
• Establishes information security internal control mappings and ensure alignment with adopted security and compliance frameworks.
• Performs third party service provider/vendor risk assessments.
• Develops information security and data privacy policies, standards, and procedures; routinely review and update governance documents.
• Tracks penetration testing remediation efforts to successful remediation as validated by subsequent follow-up testing.
• Provides documentation and research assistance, as needed, during information security incident response scenarios.
• Performs research related to emerging solutions and methodologies that will help the organization reduce risk and evolve with a changing threat landscape.
• Cyber security objectives in all aspects of the business.

Qualifications & Expertises:

• Experience adopting and implementing risk management, cyber security, and compliance frameworks (e.g., NIST CSF 2.0, ISO 27000-series, Swiss Data Protection Act, EU GDPR, GxP).
• Knowledge of or experience working with cloud technologies/environments, including evaluating and implementing controls on Infrastructure as a Service (IaaS) environments.
• Analytical thinker with strong organizational skills; attention to detail.
• Prior use and knowledge of GRC tooling (e.g., SAP GRC or similar).
• Broad knowledge of both information technology and computer security issues, requirements, trends, and industry practices.
• Outstanding oral and written communication skills in English. Business fluency in German would be desirable.

Arxada has world class offering in two distinct areas:

Microbial Control Solutions (MCS) focuses on threats posed by microorganisms to people and planet through five distinct business lines including Professional Hygiene, Home & Personal Care, Wood Protection, Paints & Coatings and Material Protection.

Nutrition, Care & Environmental (NCE), meanwhile, provides materials used to manufacture composites for electronics, aerospace and other markets, as well as vitamins and nutritional ingredients, chemicals and performance intermediates, and raw materials for a wide range of high-performance applications.

Arxada is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a qualified individual with disability, protected veteran status, or any other characteristic protected by law.

ES03