Symrise is a global supplier of fragrances, flavors, food, nutrition, and cosmetic ingredients. Its clients include manufacturers of perfumes, cosmetics, food and beverages, pharmaceuticals and producers of nutritional supplements and pet food.
Its sales of € 4.9 billion in the 2024 fiscal year make Symrise a leading global provider. Headquartered in Holzminden, Germany, the Group is represented by more than 100 locations in Europe, Africa, the Middle East, Asia, the United States and Latin America.
Symrise works with its clients to develop new ideas and market-ready concepts for products that form an integral part of everyday life. Economic success and corporate responsibility are inextricably linked as part of this process.
Symrise - always inspiring more…
Your role
The Global IT & Cyber-Security Audit Manager plays a critical role in safeguarding Symrise against increasing risks related to technology, digitalization, and AI.
This position delivers independent assurance across critical IT services, cloud platforms, and emerging technologies, while supporting business and digital transformation initiatives. The role ensures secure, compliant, and risk-aware implementation of new solutions across the organization.
Operating without direct reports, the position exerts strong functional influence across global IT, digital, and OT stakeholders, enabling risk-based decision-making and protecting business continuity, operational stability, and cost efficiency.
Key Responsibilities
- Lead and continuously enhance the global IT, information security, cyber, and OT security audit and assurance program, ensuring alignment with Symrise policies, global standards, and regulatory requirements.
- Integrate security assurance early into digitalization and technology‑driven projects, enabling secure, compliant, and risk‑aware implementation of new solutions. · Conduct technology audits, including reviews of cloud platforms, SaaS applications, data platforms, and emerging digital solutions.
- Perform AI/ML risk assessments, evaluating model governance, data protection, algorithmic risks, and controls for responsible and compliant use of AI technologies.
- Audit key IT projects to ensure security requirements, architectural standards, and risk mitigations are embedded throughout the project lifecycle.
- Coordinate and oversee technical assessments, including penetration tests, configuration reviews, and specialized technology audits - covering planning, execution oversight, results validation, and follow-up of corrective actions.
- Provide security guidance to project managers, product teams, digitalization initiatives, and platform owners to address control gaps and meet internal and external compliance expectations.
- Conduct and support OT security risk assessments, interpret regulatory/technical requirements, and guide mitigation planning and execution.
- Advise production and engineering teams on OT security controls, including architecture, segmentation, secure configuration, and lifecycle protection of industrial systems
- Proven experience in IT and cyber‑security auditing, including technology audits, cloud security reviews, AI/ML risk assessments, and security evaluations embedded into digitalization and transformation projects.
- Demonstrated ability to lead complex audit and assurance activities across technology domains, including cloud platforms, AI‑driven solutions, and modern IT environments. * Excellent analytical and problem‑solving capabilities, with the ability to assess complex IT and digital platforms, identify security risks early, and translate findings into actionable recommendations for IT, AI, and digitalization stakeholders.
- Strong communication and stakeholder management skills, with experience working across IT, digital product teams, business functions, and external partners in the context of audits and security assessments.
- Basic familiarity with OT/ICS security or willingness to develop this knowledge is beneficial, but not required. Optional exposure to industrial networks and production‑system risk assessments is advantageous.
- Excellent command of English (written and verbal). Knowledge of German and/or French is a strong advantage, particularly for working with regional business units and production teams.
- Minimum of 5 years of professional experience in IT, cyber security, or digitalization security, with at least 4 years in audit, assurance, or compliance functions.
- Relevant certifications such as CISA, CISSP, CISM, ISO 27001 Lead Auditor, or similar credentials are highly desirable.
📍 Location
Spain - Barcelona - Join our Data & AI Hub located in Poblenou!
This role follows a hybrid work model
✨ What We Offer
✅ Competitive salary & benefits 💰
✅ Private health & life insurance 🏥
✅ Hybrid work model in Poblenou 🏡+🏢
✅ International, innovative team 🌎