Sr Manager, Policy Governance and Cybersecurity Outreach

Location : Barcelona Hub 

City : Barcelona 

State : Barcelona (ES-B) 

Country : Spain (ES) 

Requisition Number : 36203 

Bunge, a global leader in agribusiness, has an exciting opportunity available for a Senior Manager, Policy Governance and Cybersecurity Outreach. As part of a global team, you will work on challenging and meaningful projects that directly impact core business activities. Since 1818, Bunge has been connecting farmers to consumers, delivering essential food, feed, and fuel to the world. Looking towards the future, Bunge aims to continuously reinvent itself, leveraging data to be at the forefront of analytics, technology, and talent to accomplish its purpose in a better, faster, and simpler way. Bunge is committed to operating and thriving in the digital world, creating world-class agile teams where teammates are empowered and encouraged to collaborate, test, and learn to succeed.

Overview:
Under the direction of the Director of Business Technology (BT) Security and Risk Management, the Seniors Manager, Policy Governance and Cybersecurity Outreach is responsible for managing the governance of the Cybersecurity Policy and Standards framework and of the Cybersecurity Outreach and Awareness program.  This role will manage, and continuously improve the Governance of policies and standards and their integration into processes and controls designed to deliver critical BT services and aligned with applicable industry best practices and standards (e.g. NIST, ISO, COBIT, PCI DSS).  The role will also manage the creation and distribution of periodic Cybersecurity awareness training for the enterprise, including periodic tailored content designed to improve the resilience and vigilance of Bunge employees, contractors and other critical partners, as well as to promote the adherence to BT policies and controls.  This individual will be responsible for creating and delivering engaging content, conducting training sessions, and collaborating with cross-functional teams to ensure the effective implementation of cybersecurity best practices throughout the organization. The ideal candidate will have a strong understanding of cybersecurity risks and threats, as well as excellent communication and interpersonal skills.

Main Accountabilities:
•    Accountable for the performance of the BT Policy Governance and Cybersecurity Awareness team, including adherence to budget and the delivery of team objectives and goals. Build and operationalize a team of eventually 3-5 direct reports.  
•    Serve as a liaison to coordinate Governance activities with BT and business stakeholders to ensure proper engagement, effective Cybersecurity policies and standards, exceptions management, enablement and training, and the alignment against applicable industry best practices (e.g. NIST, ISO, COBIT, PCI DSS) as needed.
•    Oversee and conduct comprehensive cybersecurity awareness programs and initiatives to educate employees and stakeholders about cybersecurity risks and best practices.  Conduct regular cybersecurity training sessions for employees at all levels of the organization, ensuring that they have the knowledge and skills to protect themselves and the company from cyber threats and to adhere to applicable policies and standards.  Conduct periodic phishing and other social engineering campaigns to gauge resilience and to prioritize corrective training actions.
•    Mentor and manage the activities of other BT Policy Governance and Cybersecurity Outreach team members, including the effective utilization of process automation and reporting through Bunge’s Governance, Risk and Compliance (GRC) automation. 
•    Actively collaborate and support partner functions across Bunge’s Governance, Risk and Compliance functions, and with stakeholders throughout BT and Cybersecurity.
•    Lead, and participate in, projects that include internal control, regulatory compliance, and related capabilities scope to ensure adherence to applicable policies, assurance of control performance, and the achievement of team and program goals.

Education/Experience:

• Bachelor's degree in computer science or information systems, risk management, accounting, finance, or equivalent combination of education and work experience.
• 10 plus years of experience in Information Technology, Internal Audit, Internal Controls, Cybersecurity outreach, awareness and training, or related disciplines (or equivalent combination),  
• 7 plus years of experience in managerial/leadership roles in similar areas of experience.
• Demonstrated experience in the design, implementation, monitoring and improvement of Information Technology and Cybersecurity Policy Governance and Cybersecurity Outreach and training programs.
• Knowledge of Sarbanes-Oxley (SOX), Payment Card Industry (PCI) compliance, GDPR (General Data Protection Regulation) compliance or other applicable compliance programs preferred.
• Solid understanding of Governance, Risk and Compliance methodologies and effective automation through GRC tooling. Experience with Archer GRC preferred.
• Proven experience implementing Information Technology and Cybersecurity frameworks required.  Possible examples include: NIST, ISO 27k, COBIT, PCI DSS.
• Certifications such as CRISC, CGEIT, CISSP preferred. 
• Ability to manage and execute numerous parallel activities in a fast-paced, dynamic environment.
• Ability to build and maintain constructive working relationships with a diverse community throughout the organization.
• Ability to effectively communicate in both written and verbal manner to influence both technical and non-technical audiences at all levels of the company including executives.
• Excellent analytical and problem-solving skills.
• Project management skills preferred.
• Actively shapes our company culture (e.g., supporting employee resource groups, mentoring employees, volunteering, joining cross-functional projects).
• Champions our cultural norms (e.g., willing to have cameras when it matters, helping onboard new team members, building relationships, etc.).
• Demonstrates a company ownership mindset, thinking beyond boundaries of their own area.
• Recognized as an expert, both internally & external to Bunge, in Information Technology and Cybersecurity methodologies and frameworks (e.g. NIST, ISO, COBIT, PCI DSS), effective outreach and awareness, training and communications methods across all levels of the organization.
• Can apply both a measured reactive and a deliberate proactive approach to the Cybersecurity Outreach and Awareness program, staying informed of emerging industry trends and techniques and changes in regulations to ensure continuous compliance and performance within risk appetite and policy requirements.
• Apply expertise to determine root cause, to advise leadership on appropriate remediation methods, and to mitigate or remediate policy adherence to an acceptable residual level, across various functional areas of Business Technology and Cybersecurity, including longstanding or improvements without a historical precedent.

Bunge (NYSE: BG) is a world leader in sourcing, processing and supplying oilseed and grain products and ingredients. Founded in 1818, Bunge’s expansive network feeds and fuels a growing world, creating sustainable products and opportunities for more than 70,000 farmers and the consumers they serve across the globe. The company is headquartered in St. Louis, Missouri and has 25,000 employees worldwide who stand behind more than 350 port terminals, oilseed processing plants, grain facilities, and food and ingredient production and packaging facilities around the world.

Bunge is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, gender expression, transgender status, national origin, citizenship, age, disability or military or veteran status, or any other legally protected status.  Bunge is an Equal Opportunity Employer. Minorities/Women/Veterans/Disabled