Share this Job

Principal Consultant - IT Risk and Security

Apply now »

Date: Jan 9, 2023

Location: PB, IN, 160059

Company: Bunge

Position Title:     EA IT Risk & Security Specialist 

Location:              Mohali, India    

 

Position Objective

As part of the Global IT Risk and Security team (GITRS), the EA IT Risk & Security Specialist serves as the process owner for all ongoing activities that provide appropriate security to protect the confidentiality and integrity of business information in compliance with organization policies and standards for Bunge, and the assigned region or global function, operating mostly in the Asia region (local shared services centers). He/She will serve as IT Risk and Security Specialist and advisor to the Eurasia Risk & Security Regional Senior Manager, and business functions operating in the region; in addition to have a dotted line relationship with local / region IT and Shared Services operating in the region.

 

Major Opportunities and Decisions

Supporting the implementation of the GITRS strategy and program for EA and locally operating shared services groups. 

 

A strong contributor with demonstrated track record of supporting information risk and security protection for regional program. Someone who can align execution of the strategy at the region level, support global vision on changing the culture to understand IT Security as a business risk. Current areas of focus include input for policy and standards, region awareness training, addressing the latest protections for HVA, access management, and risk assessment and remediation.

 

Principal Accountabilities

 

Activity

Purpose

% Time

Assist Eurasia Regional Director in the implementation of the Global IT Risk and Security program within the Region.

Implement IT Risk and Security program in the region

10%

Act as an advocate for Global IT, and represent Region, in the design and implementation of global risk and security programs.

Aligns region with region and global.

Protect Bunge HVA

10%

Oversee Region incident management, response, and timely closure of security tickets/events to safeguard the company’s assets, intellectual property and computer systems aligned with Global.

Protect and reduce the impact of security incidents to the region and continually improve the process

25%

Identify protection goals, objectives, and metrics consistent with corporate strategic plan for the Region.

Assist region to create meaningful KRIs and metric aligned with Global Policies

 

5%

Support the development and implementation of Region Key Risk Indicators, security policy, standards, guidelines, and procedures to ensure ongoing improvements in security posture.

Compliance with regulatory and law

 

5%

Regions support for developing, maintaining, and executing plans to ensure that Bunge is in compliance with SOX ITGC requirements.

Act as advisor to Region IT and business

 

5%

Support Region is aligned to meeting requirements for SOX and for raising issues to the regional IT Director in a timely manner that may affect SOX compliance.

Ensure alignment with standards and policy

 

5%

Serves as a local information risk and security resource to the Eurasia Senior Manager.

Help create awareness throughout the Region. Assist in the data accuracy. Seeks local business support.

 

10%

Supports appropriate level of documentation for security policies and procedures.

To assess IT Risk in the Region

5%

Facilitates and promotes activities to increase user participation in information security awareness within the countries in the Region.

Policies and standards to align with BUNGE control environment

Evaluate risk and respond to risks in the Region

5%

Supports Risk Control Assessments. Advises on mitigation strategies and tracking.

As part of risk assessment – to evaluate risk in the Region

5%

Implements within the Region information security policies and procedures for the organization.

Helps select the correct technical controls to protect the Region

5%

Provides support to review system-related security plans throughout the organization’s network, acting as a liaison for Region application development.

Support Access management for systems and business

5%

Supports monitoring of compliance with information risk and security policies and procedures, referring problems to the appropriate department manager.

 

 

Advises the Region with current information about information security technologies and related regulatory issues. Assist in the selection and implementation of technical controls.

 

 

Supports monitoring of internal control systems to ensure that appropriate access levels are maintained.

 

 

 

Competencies/Skills:

•             Articulate and persuasive, able to communicate security-related concepts to a broad range of technical and non-technical audiences

•             Experience with IT Infrastructure, Application Development, IT auditing, and risk management

•             Solid understanding of information technology and information risk and security

•             Strong verbal and written communication skills required. English fluency is a must (verbal and written)

•             Local execution of global programs and projects (policies, security awareness, incident management, etc.)

 

Knowledge:

Education and Experience (Identify types and length of education and experience needed to acquire the necessary skills and knowledge to accomplish the desired end results):

3-5 years of experience in IT Risk and Security or 7-8 years of experience in IT infrastructure and/or development.

 

Education:

•             Bachelor’s degree in Computer Science or a related field

 

Experience:

•             Experience in project management and change management

•             Knowledge of information security and access technologies. . Experience in cloud environments security is a plus (e.g., AWS, Azure)

•             Demonstrated experience with assessing risks and developing risk mitigation security measures to ensure the confidentiality, integrity and availability of all company IT assets

•             Knowledge of IT control frameworks such as COBIT, ITIL and ISO 27001

•             3-5 years of experience in a risk and security function within IT

 

Other Requirements

•             Minimum of one certification in CISSP, CISA, CRISC, CISM or other information security related.

•             Ability to flex work schedule to work with global team in opposite time zones. Many global meetings (daily) are conducted during business hours in the USA and Europe.

Bunge (NYSE: BG) is a world leader in sourcing, processing and supplying oilseed and grain products and ingredients. Founded in 1818, Bunge’s expansive network feeds and fuels a growing world, creating sustainable products and opportunities for more than 70,000 farmers and the consumers they serve across the globe. The company is headquartered in St. Louis, Missouri and has 25,000 employees worldwide who stand behind more than 350 port terminals, oilseed processing plants, grain facilities, and food and ingredient production and packaging facilities around the world.

 

Bunge is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, transgender status, national origin, citizenship, age, disability or military or veteran status, or any other legally protected status.  Bunge is an Equal Opportunity Employer. Minorities/Women/Veterans/Disabled


Job Segment: Compliance, Information Security, Sustainable Agriculture, Application Developer, Consulting, Legal, Technology, Agriculture, Contract