About the role

Barry Callebaut Digital (BC Digital) is on a mission to lead the digital revolution in the chocolate industry, and we're looking for a Head of Applications & Data Security to spearhead this transformative journey. This new role is a cornerstone of our digital strategy, aimed at transforming our digital capabilities to position Barry Callebaut as a digital-first leader in the market. Reporting directly to the Chief Information Security Officer (CISO), you will ensure our applications are securely configured and our technical data controls are consistently applied across the organization. Additionally, you will oversee our Information Security tools, procedures, and policies to maintain a secure and compliant technology landscape. You will take on a vital role in the digital transformation of our organization by providing strategic direction and leadership to the Applications & Data team. This position is not just about leading; it's about inspiring a digital, user-centric culture and setting new industry standards. Join us to make a significant impact and help steer BC Digital towards an exciting future.

 

Key responsibilities include

Assume a pivotal leadership role in driving BC's digitization efforts, focusing on our Information Security tools, procedures, and policies Directly report to the CISO, ensuring a secure and compliant application and data landscape Lead, mentor and inspire the Applications & Data Security team, including App and Data Security Engineers, in evaluating and prioritizing information security risks for BC’s application landscape and data infrastructure while fostering a culture of innovation, collaboration, and diversity In partnership with Application Management teams, ensure corporate applications are securely configured and managed, aligning with best practices and regulatory standards In partnership with the Data & Analytics team, the Data Privacy Officer, oversees the implementation and consistency of technical data controls across the organization, ensuring compliance with regulatory requirements Oversee the design and deployment of security solutions to protect applications and data from internal and external threats Collaborate with the CISO to integrate application and data security practices into the overall cybersecurity framework Collaborate with software development teams to integrate security best practices throughout the software development life cycle Implement data encryption, data masking, tokenization, and other data protection technologies Develop and maintain incident response plans, lead the response to the application and data security incidents and coordinate efforts across various teams, ensuring prompt investigation and resolution and close collaboration with Security Operations team Establish and enforce security policies, standards, and best practices for application development and data management Stay updated on emerging security threats, technologies, and regulatory requirements related to application and data security Travel requirements: Global role requires the ability and willingness to travel (25%)

 

About you

Graduate degree in IT/technology, information technology, computer science, network technology, engineering, or a comparable field Minimum of 10 years of relevant experience including managing multi-cultural, dispersed Information Security teams Expertise in data protection techniques and deep knowledge of data privacy laws and regulations, and experience ensuring data compliance Knowledge of relevant laws, regulations, and industry standards related to application and data security (e.g.OWASP, Data Act, AI Act, Cyber Resiliency Act, NIS2, OECD AI Principles) Proficient in English Experience in the consumer goods industry is a plus Deep understanding of application security principles, practices, and tools Experience with secure coding practices, vulnerability assessment, and penetration testing with the ability to integrate security into the Software Development Life Cycle, API Security Expertise in developing and executing incident response plans with the ability to manage and mitigate application and data security incidents effectively The ability to bring people together and mobilize individuals to pursue a joint agenda Ability to drive change collaboratively on a global scale Independent, analytical and self-driven personality Skills to create internal and external partnerships/networks across the organization Brings the ability to conceptualize and articulate a clear vision for the transformation of Information Security, aligning with the company's strategy and culture, demonstrating foresight and planning in a rapidly evolving digital landscape Exhibits a passion for user-centric technology and innovation, constantly seeking to improve service quality, efficiency and security Embraces agile methodologies and flexible thinking to adapt to changing technology trends and business needs, fostering a culture of continuous improvement and learning Puts a strong emphasis on teamwork and cross-functional collaboration, with the ability to build and maintain relationships across different levels of the organization and with external partners Possesses excellent communication skills, capable of conveying complex digital standards and regulations in a clear and persuasive manner to stakeholders at all levels, including non-technical audiences Demonstrates ability to analyze complex situations, identify critical issues, and make bold, strategic decisions to drive progress Inspires and motivates people, encouraging innovation and ownership, while providing guidance and support to achieve high performance and meet digital transformation and regulatory goals Maintains focus and composure in the face of setbacks, showing resilience and the ability to pivot strategies as necessary in response to new challenges and opportunities Creates an environment where all team members feel valued and can contribute to their full potential while adhering to high ethical standards in all decisions and actions Prioritizes service excellence in all initiatives, ensuring that solutions meet customer needs and enhance satisfaction