Select your country to enhance your experience

Want notifications for new jobs like this? Provide your information below to setup an alert.
 

Head of IT Governance, Risk & Compliance


Apply to this position

Job Title: Head of IT Governance, Risk & Compliance
Location: Chicago, IL, Mid-West United States, USA
Company: Syngenta
Industry Sector: Agribusiness
Industry Type: Plant & Soil Sciences, Seed and Biotechnology
Career Type: IT/Software Development
Job Type: Full Time
Minimum Years Experience Required: N/A
Salary: Competitive
Apply to this position
Apply to this position

About Syngenta:Syngenta
is a leading agriculture company helping to improve global food security by
enabling millions of farmers to make better use of available resources. Through
world class science and innovative crop solutions, our 28,000 people in over 90
countries are working to transform how crops are grown. We are committed to rescuing land from
degradation, enhancing biodiversity and revitalizing rural communities.


About this Job:We believe
that that most IT departments witness change, we aim to cause it by discovering
and applying new and novel technologies to real world problems. We are looking
for curious, determined and high performing individuals who will push hard
forbreakthroughsthat help the company.


The
Information Security team is a pillar of the Syngenta IT organization responsible
for ensuring the confidentiality, integrity and availability of Syngentas
people, processes, technology and information. As the Head of Risk, Policy and
Compliance, you will be part of the Information Security team and will be a key
point of contact for the Legal and Compliance organizations of the company. You
will be responsible for developing and evolving processes and procedures to
ensure current and future security, audit, compliance, and cyber-risk
management obligations are met in a Cloud First and Data rich environment.


An ideal
candidate is passionate about Information Security and brings creative
approaches to drive out and remediate risks across the organization as well as
enable and accelerate innovation.


Essential Duties &
Responsibilities:


  • Develop the vision and own the roadmap
    for IT Security Risk and Compliance.
  • Develop and enhance information
    governance policies and standards.
  • Identify, assess, manage, and track remediation
    of risks related to IT applications, platforms and suppliers.
  • Manage and maintain a risk reporting
    framework for management teams and governance committees.
  • Define and manage the Key Performance
    Indicators (KPIs) to assure effectiveness and compliance across processes and
    process owners.
  • Integrate information security policies,
    governance and risk framework into IT and business processes.
  • Collaborate with internal and external auditors
    and legal team, enable the tools and technology to support e-discovery, and articulate
    control implementation and impact.
  • Collaborate with business owners to
    address customer inquiries regarding security and privacy controls, and audit
    compliance.
  • Collaborate with various project
    requests from functional teams to decrease risk, increase operational
    efficiency, strengthen IT environment, and help meet the companys internal and
    external regulatory or compliance requirements.
  • Apply a working knowledge of global data
    privacy, information security regulations and policies to articulate
    customer/control impact.
  • Drive
    process improvement and control implementation projects in coordination with
    the service teams. This includes the resolution of audit findings and the
    execution of projects originated from internal assessments.
  • Measure decision latency and
    relentlessly work to reduce it.


Skills:

  • Develop the vision and own the roadmap
    for IT Security Risk and Compliance.
  • Develop and enhance information
    governance policies and standards.
  • Identify, assess, manage, and track remediation
    of risks related to IT applications, platforms and suppliers.
  • Manage and maintain a risk reporting
    framework for management teams and governance committees.
  • Define and manage the Key Performance
    Indicators KPIs to assure effectiveness and compliance across processes and
    process owners.
  • Integrate information security policies,
    governance and risk framework into IT and business processes.
  • Collaborate with internal and external auditors
    and legal team, enable the tools and technology to support e-discovery, and articulate
    control implementation and impact.
  • Collaborate with business owners to
    address customer inquiries regarding security and privacy controls, and audit
    compliance.
  • Collaborate with various project
    requests from functional teams to decrease risk, increase operational
    efficiency, strengthen IT environment, and help meet the companys internal and
    external regulatory or compliance requirements.
  • Apply a working knowledge of global data
    privacy, information security regulations and policies to articulate
    customer/control impact.
  • Drive
    process improvement and control implementation projects in coordination with
    the service teams. This includes the resolution of audit findings and the
    execution of projects originated from internal assessments.
  • Measure decision latency and
    relentlessly work to reduce it.
Education &
Experience:


  • 7+ years experience in IT security,
    compliance and risk management, data privacy, or security controls.
  • Experience with enterprise risk
    management methods and techniques to drive successful outcomes in a global
    enterprise environment.
  • Strong knowledge and understanding of Regulatory Compliance
    and Information Security control measures as defined in ISO 27001.
  • Understanding of GDPR, SOX, PCI, HIPAA
    and Privacy compliance requirements.
  • Understanding of cloud computing
    services/SaaS architecture, Agile, CI/CD, DevOps approach and how they impact risk
    management and compliance is a plus.
  • Demonstrated knowledge of security architecture and risk
    framework principles and concepts.
  • Experience in using analytics to drive
    measurement of IT process effectiveness and consistency is a plus.
  • Bachelor's Degree in Information
    Security, Information Systems Management, Computer Science or related
    discipline required.
  • CISSP, CRISC, CIPP-EU/US, CISA and/or CISM certification
    preferred.
  • All applicants must be eligible to work in
    the US.
Additional Knowledge,
Skills, Traits & Abilities:


  • Proactive approach and enthusiasm for problem identification
    and solving.
  • Curious and passionate about Information Security.
  • Keeps up to date with currentInformation Security
    trends, industry and developments.
  • Strong ability to research and investigate complex IT
    related topics.
  • Excellent verbal and written communication skills including
    strong interpersonal skills.
  • Ability to lead, be self-directed and/or work independently
    or as part of a global team.
Syngenta
is an Equal Opportunity Employer and does not discriminate in recruitment,
hiring, training, promotion or any other employment practices for reasons of
race, color, religion, gender, national origin, age, sexual orientation, gender
identity, marital or veteran status, disability, or any other legally protected
status.


Syngenta
Contact Information: please contact the
Service Desk atrecruitment.na@syngenta.com


Family
and Medical Leave Act FMLA


Equal
Employment Opportunity Commission's EEOC


Employee
Polygraph Protection Act EPPA



To apply please click on APPLY TO THIS POSITION

Job Post Date: 04/13/19
Apply to this position
Here are some other jobs you may be interested in applying for.

IT Solutions Lead-Hire to Retire
Archer Daniels Midland Company (ADM)
Decatur, Illinois,