OFI
Director, Governance Risk and Compliance
OFI, Chicago, Illinois, United States, 60290
Description
We are a global leader in food & beverage ingredients. Pioneers at heart, we operate at the forefront of consumer trends to provide food & beverage manufacturers with products and ingredients that will delight their consumers. Making a positive impact on people and planet is all part of the delight. With a deep-rooted presence in the countries where our ingredients are grown, we are closer to farmers, enabling better quality, and more reliable, traceable and transparent supply. Supplying products and ingredients at scale is just the start. We add value through our unique, complementary portfolio of natural, delicious and nutritious products. With our fresh thinking, we help our customers unleash the sensory and functional attributes of cocoa, coffee, dairy, nuts and spices so they can create naturally good food & beverage products that meet consumer expectations. And whoever we’re with, whatever we’re doing, we always make it real.
Position Summary
Build and lead the GRC function in line with Cyber Security Policy. As the GRC leader you will play a critical role in ensuring that ofi adheres to regulatory requirements, industry standards and internal policies related to information security. You will lead efforts to establish and maintain effective governance frameworks, assess risks, develop and improve policy and implement controls. This role requires expertise in ISO27001, NIST, GDPR and experience working in regulated areas around the globe including Europe.
The role will ensure that all people working for and with ofi know and understand what is expected of them to keep ofi secure, through owning, managing and delivering a comprehensive cyber behavioural change program. The role also manages all third-party compliance, from RFP through contract lifecycle management.
This role requires a deep understanding of:
Information Security Risk Management
Enterprise Risk Management
Assurance process and tooling
Behavioural change management
Information Security Compliance
You will be required to think strategically and deliver tactically day to day. You must be able to communicate effectively at all levels and execute with precision and an eye for detail.
Position Responsibilities
Develop policy, processes and controls to deliver a secure ofi
Oversee compliance by internal teams and outsourced teams to the policies and contracted obligations, ensuring legal and regulatory requirements are met
Own, develop, deliver and continuously improve a cyber security culture and behavioural change program
Ownership of vulnerability and patch management processes and outcomes
Third party risk management through all stages of contract lifecycle
Partner with Enterprise risk management and Internal audit to manage IT risks and findings
Support ofi to develop, record and maintain crisis management plans that consider cyber as a threat.
Collaborate with key stakeholders to resolve incidents impacting regulatory compliance
Perform horizon scanning to proactively identify and intercept potential changes in our regulatory landscape
Position Requirements
Excellent interpersonal, communication and negotiation skills. Able to summarise and present complex concepts
Extensive experience (and qualifications where appropriate) in ISO27001, NIST, SOC2, GDPR, and EUDR
University degree ideally in Information Security or related field
CISM, CISSP, CRISC qualification would be preferred
Experience managing partners to deliver against contracted accountabilities / SLAs / KPIs
Financial management experience
Project management experience
Deep understanding of cyber risk and regulatory requirements
Flexibility to collaborate with colleagues across multiple locations and time zones when required.
Note: This job description is not intended to be all-inclusive. Employee may perform other related duties as negotiated to meet the ongoing needs of the organization.
ofi provides equality of opportunity for all persons with respect to hiring without discrimination on the grounds of race, color, religion, national origin, sex, pregnancy, age, disability, veteran status, or sexual orientation. All employment will be decided on the basis of qualifications, merit and business need. If you need assistance or an accommodation due to a disability, you may contact us for support at: US-Talent.Acquisition@ofi.com
At ofi, we celebrate our diversity. Olam Americas Inc. is proud to be an equal opportunity workplace.