Expert GRC Analyst
Lodz, PL, 90-530
About the role:
Barry Callebaut Digital (BC Digital) is on a mission to lead the digital revolution in the chocolate industry, and we're looking for a GRC Analyst for our Risk & Compliance team to shape this transformative journey. Reporting to the Head of Digital Risk & Compliance, you will ensure the organization as well as third parties comply with regulatory requirements, manage risks effectively, and maintain strong governance practices. You will conduct risk assessments, monitor compliance and cyber security, respond to regulatory requirements, and collaborate with internal teams to implement policies and procedures that align with legal and operational standards. This position involves an understanding of regulatory requirements and the ability to translate them into operational controls that are precisely aligned with our company's risk profile. Join us to make a significant impact and help steer BC Digital towards an exciting future.
Key responsibilities:
- Develop comprehensive risk management strategies in alignment with organizational goals.
- Implement risk and compliance policies and procedures mitigating potential threats to BC’s digital assets.
- Monitor and ensure compliance with regulatory requirements and internal policies.
- Implement and monitor BC’s information security common control framework, to protect sensitive data and ensure data privacy compliance.
- Assess and manage risks associated with third-party vendors, suppliers, and partners.
- Collaborate with procurement and legal teams to establish third-party risk management requirements and controls.
- Support incident response efforts, including investigating security incidents and breaches.
- Collaborate with various departments to implement risk mitigation strategies.
- Perform audits and reviews to verify compliance with policies and assess the effectiveness of controls.
- Utilize and manage GRC tooling for effective risk and compliance tracking.
- Support the modernization of digital risk and compliance tools, procedures, and policies.
- Provide regular reports on governance, risk, and compliance activities.
- Support the creation of training programs to promote compliance awareness.
- Guide and mentor junior colleagues.
About you:
- Graduate degree in information technology, cybersecurity, business administration, or a comparable field.
- Proficient in English.
- Minimum 10 years of relevant experience in cybersecurity, governance, risk & compliance management.
- Deep understanding of risk management principles, methodologies, and tools, and the development of effective mitigation strategies.
- Experience in implementing Information Security Management Systems (ISMS) and Governance, Risk, and Compliance (GRC) frameworks such as ISO 27001, CIS, NIST, CoBIT.
- Experience with GRC tools such as RSA Archer, ServiceNow GRC, or similar.
- Independent and self-driven personality with a structured and organized approach.
- Ability to coach and mentor colleagues.
- Ability to create internal and external partnerships/networks across the organization.
- Ability to analyze complex situations and develop actionable improvement plans in collaboration with diverse teams.
- Competence in managing workloads, and effectively prioritizing tasks to meet deadlines.
We offer:
- Employment on a regular basis in the sweetest company in the world.
- Annual bonus based on your work results.
- Lunch card to be used for groceries and restaurants.
- Private medical care in Lux Med (basic package fully financed by BC).
- Fit Profit sports card co-financed by BC.
- PPE: we care about your future, and we save money for your retirement.
- Cafeteria Program as a part of Social Fund.
- Group life insurance.
- Hybrid working model: min. 8 days in the office a month.
- As part of our work-life balance culture, we can start work between 7 am and 10 am.
- Free consultation with a lawyer once a quarter.
- Chocolate! Yes, surprising but we have chocolate in the office, for Christmas, BC’s Birthday, and many other occasions during the year.
- And if chocolate is still not enough, you can join one of our theme clubs, where together with other employees we develop our passions and interests.
- Daily delivery of fresh fruits and veggies to the office.
- You can purchase our sweet products with a special discount.
- Relax zone in the office and plenty of options to choose from: PlayStation 5, football table, pool table, Ping-Pong, library, table games, and massage chairs.
- Sport @work? Sure! We have treadmills and indoor exercise bikes with a laptop station.
- We like to party as much as we like chocolate! We have integration budgets we can use for team events.
- Forever Chocolate and Event Team: you can join them and have a real influence on social life in BC and CSR activities.
Job Segment:
Compliance, Risk Management, Law, Procurement, Legal, Finance, Operations