Governance, Risk and Compliance Lead
Bangalore, IN
About Us
We are a global leader in food & beverage ingredients. Pioneers at heart, we operate at the forefront of consumer trends to provide food & beverage manufacturers with products and ingredients that will delight their consumers. Making a positive impact on people and planet is all part of the delight. With a deep-rooted presence in the countries where our ingredients are grown, we are closer to farmers, enabling better quality, and more reliable, traceable and transparent supply. Supplying products and ingredients at scale is just the start. We add value through our unique, complementary portfolio of natural, delicious and nutritious products. With our fresh thinking, we help our customers unleash the sensory and functional attributes of cocoa, coffee, dairy, nuts and spices so they can create naturally good food & beverage products that meet consumer expectations. And whoever we’re with, whatever we’re doing, we always make it real.
Job Description
Background
Olam International Limited is a leading food and agri-business supplying food, ingredients, feed, and fibre to over 19,800 customers worldwide, ranging from multi-national organizations with world-famous brands to small family-run businesses. Olam’s value chain spans over 60 countries and includes farming, processing, and distribution operations, as well as a sourcing network of 4.8 million farmers. It is headquartered in Singapore and listed on the Singapore Stock Exchange.
The Board of Olam International Ltd, Singapore decided to reorganize Olam’s global businesses into separate companies to sharpen the focus on individual business categories:
- Olam Holding (OH)
- Olam Food Ingredients (ofi)
- Olam Agri
The reorganization was carried out at the global level.
About the function: Digital & Information Technology
Given the carve-out and the new strategic journey, ofi is focussing on areas that accelerate growth through innovation strategy. Along these lines, the IT function is looking forward to driving the next wave of value creation that can have a tangible positive impact on the organization as well as our partners including farmers, suppliers, customers and communities.
About the Role: Governance, Risk and Compliance Leader
Build and lead the GRC function in line with Cyber Security Policy.
As the GRC leader you will play a critical role in ensuring that ofi adheres to regulatory requirements, industry standards and internal policies related to information security. You will lead efforts to establish and maintain effective governance frameworks, assess risks, develop and improve policy and implement controls. This role requires expertise in ISO27001, NIST, GDPR and experience working in regulated areas around the globe including Europe.
The role will ensure that all people working for and with ofi know and understand what is expected of them to keep ofi secure, through owning, managing and delivering a comprehensive cyber behavioural change programme.
Additionally, the role manages all third-party compliance, from RFP through contract lifecycle management.
This role requires a deep understanding of:
- Information Security Risk Management
- Enterprise Risk Management
- Assurance process and tooling
- Behavioural change management
- Information Security Compliance
You will be required to think both strategically and tactically, and to deliver day to day. You must be able to communicate effectively at all levels and execute with precision and an eye for detail.
Key Responsibilities
- Develop Policy, processes and controls to deliver a secure ofi
- Oversee compliance by internal and outsourced teams with the policies and contracted obligations, ensuring legal and regulatory requirements are met
- Own, develop, deliver and continuously improve a cyber security culture and behavioural change program
- Ownership of vulnerability and patch management processes and outcomes
- Third party risk management through all stages of contract lifecycle
- Partner with Enterprise risk management and Internal audit to manage IT risks and findings
- Support ofi to develop, record and maintain crisis management plans that consider cyber as a threat.
- Collaborate with key stakeholders to resolve incidents impacting regulatory compliance
- Perform horizon scanning to proactively identify and intercept potential changes in our regulatory landscape
Qualifications & Skills
- Excellent interpersonal, communication and negotiation skills. Able to summarise and present complex concepts
- Extensive experience (and qualifications where appropriate) in ISO27001, NIST, SOC2, GDPR and EUDR
- University degree ideally in Information Security or related field
- CISM, CISSP, CRISC qualification would be preferred
- Experience managing partners to deliver against contracted accountabilities / SLAs / KPIs
- Financial management experience
- Project management experience
- Deep understanding of cyber risk and regulatory requirements
- Flexibility to collaborate with colleagues across multiple locations and time zones when required.
ofi is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, nationality, disability, protected veteran status, sexual orientation, gender identity, gender expression, genetic information, or any other characteristic protected by law.
Applicants are requested to complete all required steps in the application process including providing a resume/CV in order to be considered for open roles.