GRC Lead

Arxada is a global leader in innovative solutions that protect our world. Our groundbreaking technologies in-depth regulatory know-how manufacturing and process development help our customers to safeguard nutrition health and infrastructure efficiently through chemistry and biotechnology that enhance sustainability. We offer a broad portfolio of ingredients and services for multiple end-markets that include Human Health & Nutrition Home & Personal Care Professional Hygiene Paints & Coatings and Wood Protection.

With customers in more than 100 countries the company achieved sales of CHF 2 billion in 2024. Headquartered in Basel (Switzerland) Arxada employs 3200 associates across 24 production sites and 14 R&D centers all committed to our customers success.

Arxada is seeking an Information Security GRC Lead that will own global SAP Authorization Risk Management. The role requires deep knowledge and experience in risk management information security governance risk and compliance and process development.

• Information security controls are defined documented and aligned with adopted frameworks policies and compliance requirements;
• Security risks are identified tracked and managed.
• Adopted internal controls are regularly monitored for effectiveness and compliance with the goal of continuous process improvement.
• Drives and manages the technical delivery of SAP GRC and authorization solutions within the SAP environments to meet new business requirements audit readiness and protection from both internal and external threats.
• Manages the external SAP authorization team (service provider).
• Works closely with Internal Audit Business SAP Functional support and Basis teams in implementing GRC Access Controls.
• Works closely with the internal control team and internal IT Application team members to manage new authorization requests and troubleshoot issues and implement appropriate solutions.
• Works with business and project teams to troubleshoot issues with authorization objects and identify and implement appropriate solutions.
• Establishes document and ensure adherence to SAP security policies and procedures.
• Performs routine user access and entitlement reviews including identification of segregation of duties conflicts.
• Performs enterprise risk assessments report results to management and establish/leverage formal risk tracking and acceptance processes.
• Establishes information security internal control mappings and ensure alignment with adopted security and compliance frameworks.
• Performs third party service provider/vendor risk assessments.
• Develops information security and data privacy policies standards and procedures; routinely review and update governance documents.
• Tracks penetration testing remediation efforts to successful remediation as validated by subsequent follow-up testing.
• Provides documentation and research assistance as needed during information security incident response scenarios.
• Performs research related to emerging solutions and methodologies that will help the organization reduce risk and evolve with a changing threat landscape.
• Cyber security objectives in all aspects of the business.

• Experience adopting and implementing risk management cyber security and compliance frameworks (e.g. NIST CSF 2.0 ISO 27000-series Swiss Data Protection Act EU GDPR GxP).
• Knowledge of or experience working with cloud technologies/environments including evaluating and implementing controls on Infrastructure as a Service (IaaS) environments.
• Analytical thinker with strong organizational skills; attention to detail.
• Prior use and knowledge of GRC tooling (e.g. SAP GRC or similar).
• Broad knowledge of both information technology and computer security issues requirements trends and industry practices.
• Outstanding oral and written communication skills in English. Business fluency in German would be desirable.

Microbial Control Solutions (MCS) focuses on threats posed by microorganisms to people and planet through five distinct business lines including Professional Hygiene Home & Personal Care Wood Protection Paints & Coatings and Material Protection.

Nutrition Care & Environmental (NCE) meanwhile provides materials used to manufacture composites for electronics aerospace and other markets as well as vitamins and nutritional ingredients chemicals and performance intermediates and raw materials for a wide range of high-performance applications.

Arxada is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race religion color national origin sex sexual orientation gender identity age status as a qualified individual with disability protected veteran status or any other characteristic protected by law.

• Facilities Management
• Biotechnology
• Creative Production
• Design And Estimation
• Architecture

Employment Type: Full-Time

Experience: years

Vacancy: 1