Apply »

Givaudan is the global leader in the creation of flavours and fragrances. In close collaboration with food, beverage, consumer product and fragrance partners, Givaudan develops tastes and scents that delight consumers the world over. With a passion to understand consumers’ preferences and a relentless drive to innovate, Givaudan is at the forefront of creating flavours and fragrances that ‘engage your senses’. The Company achieved sales of CHF 5.1 billion in 2017. Headquartered in Switzerland with local presence in over 100 locations, the company has more than 11,100 employees worldwide. Givaudan invites you to discover more at

Information Security GRC Manager

Join us and celebrate the beauty of human experience. Create for happier, healthier lives, with love for nature. Together, with kindness and humility, we deliver food innovations, craft inspired fragrances and develop beauty and wellbeing solutions that make people look and feel good. There’s much to learn and many to learn from, with more than 16,800 employees around the world to explore ideas and ambitions with. Dive into varied, flexible, and stimulating environments. Meet empowered professionals to partner with, befriend, and stretch your skills alongside. Every day, your energy, your creativity, and your determination will shape our future, making a positive difference on billions of people. Every essence of you enriches our world. We are Givaudan. Human by nature.  

Information Security GRC Manager - your future role?


As the Information Security Manager in Budapest, Dortmund, Paris or Sant Celoni, you will report to the CISO, you will lead the Governance, Risk, and Compliance (GRC) team for Information Security.

This position is open in multiple locations.



In this role you will:


  • Information Security Governance

    • Prepare and maintain ISO 27001 certification

    • Create reporting framework for Information Security

    • Define and drive Information Security GRC Strategy 

    • Oversee the Cyber security program governance processes including cyber security risk reporting (recommending new report formats, reporting technologies and collaborating with team members to build-out reports/dashboards), and governance committee(s) and board updates


  • Manage Information Security Standards

    • Oversee the development of cyber security standards, including incorporating industry practices and applicable compliance requirements

    • Help use information security standards by the business and manage exceptions

    • Develop a program to monitor compliance with cyber security standards and security rules of relevant cyber security and regulatory privacy requirements


  • Risk Management

    • Establish a cyber security risk management program designed to identify, report, and respond to cyber security risks; lead annual enterprise cyber security risk assessment

    • Manage the cyber risk evaluation and risk assessment processes.

    • Consolidate, analyze and report Data analysis of important GRC risk information, including the cyber risk register, policy exceptions, audit findings and data security reviews.


  • Third-party and Client Security assessments

    • Oversee and improve third-party information security risk management program to identify, assess, and manage risks associated with the usage of third-parties/vendors

    • Manage and improve client security assessments program


  • Information Security Assurance Program

    • Define, drive and manage the governance of the Information security assurance program

    • Plan and execute testing of security controls and processes to identify deviation from expected performance 

    • Ensure each identified deviance is treated as an Information Security Risk 


  • GRC Team Management

    • Continuously define organizational skills, capabilities, and job roles recruit candidates, and lead a team of experts.



Your professional profile includes:


  • 5 years working in a GRC information security role and/or similar information security discipline

  • Experience in working with IT systems and IT operations.

  • Experience in implementing and using GRC tools.

  • Experience in implementing and operating an ISMS aligned to ISO27001

  • Knowledge of information security risk management frameworks and compliance practices.

  • Develop security policies and guidelines based on best practices and industry

  • standards

  • Excellent interpersonal, including formal report writing

  • experience

  • Understanding of common security and privacy standards and regulations e.g. SOC 2, ISO

  • 27001/2, GDPR, CIS, and NIST

  • Desired certification: CISSP



Multiple location: Budapest (Hungary), Dortmund (Germany), Paris (France), Sant Celoni (Spain) 

At Givaudan, you contribute to delightful taste and scent experiences that touch people’s lives.
You work within an inspiring teamwork culture – where you can thrive, collaborate and learn from other talented and passionate people across disciplines, regions and divisions.
Every essence of you enriches our world.
Givaudan is committed to equal opportunities. Therefore, we welcome applications regardless of cultural and social background, gender, age, religion or sexual identity. 
We also have a safe working environment, progressive working conditions and are certified as an equal pay employer.

At Givaudan, you contribute to delightful taste and scent experiences that touch people’s lives.
You work within an inspiring teamwork culture – where you can thrive, collaborate and learn from other talented and passionate people across disciplines, regions and divisions.
Join us and Impact Your World

Diversity drives innovation and creates closer connections with our employees, customers and partners.
Givaudan embraces diversity and is committed to building an inclusive environment where everyone impacts our world.

Apply »