Company Description

As a global key player in yeasts and fermentation, Lesaffre designs, manufactures and markets innovative solutions for Baking, Food taste & pleasure, Health care and Biotechnology.

Family group born in northern France in 1853, now a multi-national and a multicultural company, Lesaffre is committed to working with confidence to better nourish and protect the planet.

In close collaboration with its clients and partners, Lesaffre employs 11 000 people in more than 50 countries.

Lesaffre achieves a turnover of 3 billion euros.

Job Description

Contexte :

As part of the creation of a new position, Lesaffre is looking for its future GRC Lead (Governance, Risk, and Compliance Lead).

Reporting to the Group CISO, in close collaboration with the Group and the local teams (IT and industrial), You will be responsible for ensuring compliance with IT/OT security rules.

Your essential missions will be:

• In a heterogeneous IT/OT environment, to audit (internally or with the help of partners) the compliance of the existing IS systems with our internal cybersecurity repository, then to follow-up and control improvement plans.
• Answer to the regulatory audits (SWIFT, GMP, Financial auditors, etc.) and to special audits requested by our partners.
• Coordinate the compliance activities related to local regulations (NIS2).
• Assist the IT/OT teams in their new projects, to be compliant by design with our security rules.
• Participate in the improvement and update of our security repository (policies, rules, guidelines, response plans, etc.), and more globally to build/animate the ISMS.
• Organize cyber-crisis simulations, with our business teams and the CISO.
• Lead the cyber risk analysis process (NIST based), in collaboration with the risk management team and the CISO.
• Address the data privacy questions, in collaboration with the Legal Department.
• Participate in the development of the IT/OT security budget, its implementation and monitoring.
• Participate actively to organize awareness campaigns.
• Help the Group and local teams in the evaluation of IT/OT solutions and related partners.
• Help to design and calculate IT/OT security KPIs.
• Work closely with the IT and OT Security Managers to define a homogeneous security approach.

• With a higher IT education (Bac+5), and at least 10 years' operational experience in IT information systems, you have first significant experience in the field of IT security, ideally in a structure of a similar size to ours.
• You have a good knowledge of the different IT security standards & associated referential. Experience in the OT field is a plus.
• Even if compliance is your primary focus, you are versatile and operational. And able to deal also with technical issues and assist your colleagues in their tasks.
• Practical experience in the field (installation and management of IT/OT industrial systems and networks) is mandatory. 
• Good communicator, you are comfortable with various types of interlocutors (IS, Industrial teams, Business, Management).
• Your ability to work in a matrix organization and lean structures is essential.
• Fluent in English & French.
• You will be required to travel to the group's subsidiaries to provide on-site operational support when necessary (around 20% of the work time).

Additional Information

What Lesaffre can offer you : 

• Join a family business rich in a long history with human-oriented values with a mission: To Nourish and Protect our Planet, 
• Evolve in an enriching work environment and a multicultural context 
• You will experience intellectual challenges within a multi-expertise network.

At Lesaffre, diversity is a strength that enriches our culture and our teams. We are committed to offering you a work environment where you can thrive, regardless of your background, gender, age or abilities. We encourage all applications, as we believe that diverse perspectives strengthen our ability to innovate and meet the challenges of tomorrow.