Savencia is an international, family-owned, and independent agri-food group with 26,000 employees, headquartered in France. Savencia operates in the cheese and dairy industry as well as fine delicatessen and chocolate. Savencia is among the world’s leading companies in producing specialty cheeses.

Serving the business lines, Savencia IT & Digital Services has 410 employees located in 21 countries.

Savencia IT & Digital Services is implementing the Group's digital transformation, one of the major challenges of its strategic plan. The mastery of data in all sectors, the digitalization of all processes, resilience and the mastery of cybersecurity are its essential missions.

By joining Savencia IT & Digital Services,

• You share the Group's values on a daily basis: Tolerance, Courage, Honesty, Loyalty,
• You join a Great Place to Work certified entity,
• You participate in international projects within a Group present in 30 countries,
• You benefit from a real tailor-made integration process,
• You have a wide range of personalized training programs - individual and collective,
• You will be able to seize opportunities for mobility and professional development.

Job Summary:

The Regional Information Security Officer (RISO) for the Americas region is responsible for overseeing and managing the information security strategy, operations, and compliance for the region. The RISO will work closely with the Global Information Security team, regional IT teams, and business units to ensure the protection of the organization's information assets and compliance with relevant regulations and standards.

Key Responsibilities:

1. Information Security Strategy:
   • Develop and implement the regional information security strategy in alignment with the global information security strategy.
   • Identify and assess security risks specific to the Americas region and develop mitigation plans.
2. Security Operations:
   • Oversee the implementation and maintenance of security technologies and tools.
   • Monitor security incidents and coordinate incident response activities.
   • Conduct regular security assessments, vulnerability scans, and penetration tests.
3. Compliance and Governance:
   • Ensure compliance with relevant regulations, standards, and policies (e.g., GDPR, CCPA, HIPAA, NIST Cybersecurity Framework).
   • Develop and maintain regional security policies, procedures, and guidelines.
   • Validate that cyber security is by-design in all IT/OT projects.
   • Promote the use of Cybervadis
4. Collaboration and Communication:
   • Collaborate with regional IT teams, business units, and external partners to ensure security measures are integrated into business processes.
   • Communicate security risks, incidents, and compliance status to senior management and stakeholders.
5. Incident Management:
   • Lead the regional incident response team and coordinate with the global incident response team.
   • Investigate security breaches and incidents and develop post-incident reports and remediation plans.
6. Control:
   • Web: Perform websites audit and follow-up on websites security action plans
   • Assist internal and external audit missions for IT Security
   • Lead and follow-up the local IT/OT cyber security assessments.
7. Awareness:
   • Conduct security awareness training and education programs for employees.
   • Organize Cyberdays and training sessions.
8. Industrial Information System Security:
   • Take part in the communication towards industrial directors, plant managers and industrial cybersecurity representatives.
   • Be the local point of contact for the industrial cybersecurity representatives of each plant to increase their self-confidence.

Qualifications:

• Education: Bachelor's degree in Information Security, Computer Science, or a related field. A Master's degree is a plus.
• Experience: Minimum of 5-7 years of experience in information security, with at least 2-3 years in a leadership role.
• Certifications: CISSP, CISM, CISA, or other relevant certifications.
• Skills:
  • Strong knowledge of information security principles, practices, and technologies.
  • Experience with security frameworks and standards (e.g., NIST, ISO 27001).
  • Excellent analytical, problem-solving, and decision-making skills.
  • Ability to manage multiple projects and priorities.
  • Leadership, Strong communication and interpersonal skills.
  • Ability to work independently and as part of a global team.

Additional Information:

• Travel: Occasional travel within South and North America region may be required.
• Work Environment: This position is listed as hybrid based in New Holland, PA.

• To Apply:

Please visit our website at www.afpllc.com . Click on Careers, then AFP Corporate Office, and select

Regional Information Security Officer (RISO)

Savencia is an international, family-owned, and independent agri-food group with 26,000 employees, headquartered in France. Savencia operates in the cheese and dairy industry as well as fine delicatessen and chocolate. Savencia is among the world’s leading companies in producing specialty cheeses.

Serving the business lines, Savencia IT & Digital Services has 410 employees located in 21 countries.

Savencia IT & Digital Services is implementing the Group's digital transformation, one of the major challenges of its strategic plan. The mastery of data in all sectors, the digitalization of all processes, resilience and the mastery of cybersecurity are its essential missions.

By joining Savencia IT & Digital Services,

• You share the Group's values on a daily basis: Tolerance, Courage, Honesty, Loyalty,
• You join a Great Place to Work certified entity,
• You participate in international projects within a Group present in 30 countries,
• You benefit from a real tailor-made integration process,
• You have a wide range of personalized training programs - individual and collective,
• You will be able to seize opportunities for mobility and professional development.

Job Summary:

The Regional Information Security Officer (RISO) for the Americas region is responsible for overseeing and managing the information security strategy, operations, and compliance for the region. The RISO will work closely with the Global Information Security team, regional IT teams, and business units to ensure the protection of the organization's information assets and compliance with relevant regulations and standards.

Key Responsibilities:

1. Information Security Strategy:
   • Develop and implement the regional information security strategy in alignment with the global information security strategy.
   • Identify and assess security risks specific to the Americas region and develop mitigation plans.
2. Security Operations:
   • Oversee the implementation and maintenance of security technologies and tools.
   • Monitor security incidents and coordinate incident response activities.
   • Conduct regular security assessments, vulnerability scans, and penetration tests.
3. Compliance and Governance:
   • Ensure compliance with relevant regulations, standards, and policies (e.g., GDPR, CCPA, HIPAA, NIST Cybersecurity Framework).
   • Develop and maintain regional security policies, procedures, and guidelines.
   • Validate that cyber security is by-design in all IT/OT projects.
   • Promote the use of Cybervadis
4. Collaboration and Communication:
   • Collaborate with regional IT teams, business units, and external partners to ensure security measures are integrated into business processes.
   • Communicate security risks, incidents, and compliance status to senior management and stakeholders.
5. Incident Management:
   • Lead the regional incident response team and coordinate with the global incident response team.
   • Investigate security breaches and incidents and develop post-incident reports and remediation plans.
6. Control:
   • Web: Perform websites audit and follow-up on websites security action plans
   • Assist internal and external audit missions for IT Security
   • Lead and follow-up the local IT/OT cyber security assessments.
7. Awareness:
   • Conduct security awareness training and education programs for employees.
   • Organize Cyberdays and training sessions.
8. Industrial Information System Security:
   • Take part in the communication towards industrial directors, plant managers and industrial cybersecurity representatives.
   • Be the local point of contact for the industrial cybersecurity representatives of each plant to increase their self-confidence.

Qualifications:

• Education: Bachelor's degree in Information Security, Computer Science, or a related field. A Master's degree is a plus.
• Experience: Minimum of 5-7 years of experience in information security, with at least 2-3 years in a leadership role.
• Certifications: CISSP, CISM, CISA, or other relevant certifications.
• Skills:
  • Strong knowledge of information security principles, practices, and technologies.
  • Experience with security frameworks and standards (e.g., NIST, ISO 27001).
  • Excellent analytical, problem-solving, and decision-making skills.
  • Ability to manage multiple projects and priorities.
  • Leadership, Strong communication and interpersonal skills.
  • Ability to work independently and as part of a global team.

Additional Information:

• Travel: Occasional travel within South and North America region may be required.
• Work Environment: This position is listed as hybrid based in New Holland, PA.

• To Apply: Please visit our website at www.afpllc.com . Click on Careers, then AFP Corporate Office, and select Regional Information Security Officer.