Cyber and Digital Security Specialist - Digital Protection
Cyber and Digital Security Specialist - Digital Protection
-
Cyber and Digital Security Specialist – Digital Protection
We are looking for Cyber and Digital Security Specialist – Digital Protection to be part of our Digital Protection Security team.
Position Snapshot
- Location: Bengaluru
- Type of Contract: Permanent
- IT Security & Compliance
- Type of work: Hybrid
- Work Language: Fluent Business English
The role
Cyber and Digital Security Specialist – Digital Protection: Under the supervision and guidance of their primary Community of Practice Lead and Product Group Manager, the Cyber and Digital Security Specialist – Digital Protection is responsible for establishing and maintaining security products, platforms and solutions designed to mitigate Digital IT risks across the Group to ensure that information assets are adequately protected. This person is responsible for the identification, evaluation, reporting and mitigation of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. This person will proactively work with IT and business units to implement practices that meet defined policies and standards for information security. The Cyber and Digital Security Specialist – Digital Protection continuously researches and stays on top of emerging security threats, technologies and trends.
What you’ll do
- Ensures new products, platforms and solutions are implemented "Secure & Compliant by Design".
- Works closely with Enterprise Architects, other functional area architects and other Security Specialists to ensure adequate security solutions are in place throughout all IT products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements.
- Understands and interacts with related disciplines to ensure the consistent application of policies and standards across all product groups; technology projects and systems, including, but not limited to, privacy, risk management, compliance and business continuity management.
- Conduct comprehensive risk assessments of architectural designs, identifying potential security gaps, vulnerabilities, and threats. Develop mitigation strategies and work closely with stakeholders to implement necessary security controls.
- Conduct comprehensive reviews of web application architectures to identify security vulnerabilities, weaknesses, and potential risks.
- Identify and recommend improvements to enhance the security of web application architectures, including but not limited to authentication, authorization, input validation, session management, and data protection mechanisms.
- Help business and IT with web applications security issues mitigation.
- Design, implement, and manage the Akamai edge protection product to protect Nestlé’s web applications from potential attacks and vulnerabilities.
- Configure and fine-tune the Akamai edge protection rules and policies to effectively mitigate web application security risks.
- Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices related to Akamai edge protection and web application security
- Investigate and respond to security incidents related to web applications protected by Akamai edge protection, including incident analysis, containment, eradication, and recovery.
- Support Product Manager to design the roadmap for Digital Protection Security including the assessment of new vendors, tools, and solutions.
We offer you (Example. To be adapted per location)[NEL1]
We offer more than just a job. We put people first and inspire you to become the best version of yourself.
- Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc.
- Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.
- Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill!
- Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities.
Minimum qualifications: (max. 5)
- 7+ years of experience in a combination of Information Security Architecture or Web Application Firewall Jobs.
- Excellent written and verbal communication skills in English, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences (e.g. management, agencies, vendors).
- Experience determining technical security requirements by evaluating business strategies and needs following a risk-based approach, and describe associated data flows and security controls needed, interacting with a broad cross-section of personnel to explain and enforce security measures.
- Proven track record and experience developing cybersecurity architecture, policies and controls and successfully executing these into a live environment.
- Proven experience in conducting architecture reviews for web applications and identifying security vulnerabilities.
- Proven experience in assessing and protecting public-facing applications (websites, mobile, e-commerce) and determining the cybersecurity controls which are required.
- Excellent analytical and problem-solving skills, with the ability to quickly identify and respond to security incidents.
- Deep understanding of common information security frameworks, such as ISO 27001, NIST, MITRE and OWASP
- Deep understanding of industry standards and frameworks related to content delivery security, such as OWASP Top 10, PCI DSS, and ISO 27001.
- Experience deploying and operating preventative technologies such as WAF, anti-bot, anti-fraud technologies, integrated cybersecurity SDKs, and other preventative cybersecurity technologies.
Bonus Points If You: (max. 3)
- Have professional security, cloud or software architecture certifications, such as a CISSP, CISSP-ISSAP, CSSLP, GIAC, or other similar credentials, is preferred
- Have Knowledge of cloud security principles and experience with cloud-based web applications (e.g., AWS, Azure) is a plus.
- Proficiency in Python scripting and programming languages for automation and customization of security tools.
- Knowledge of content delivery network (CDN) principles, CDN security features, and associated technologies.
About the IT Hub
At Nestlé IT, we are a diverse, global team of IT professionals in the biggest health, nutrition and wellness company of the world. We strive to create an environment where people are valued for who they are. We innovate every day through future ready technologies to create opportunities for Nestlé to delight consumers, customers and employees alike. We collaborate with partners around the world to deliver tangible value at global scale. We continuously work to develop our people to be future ready.
About Nestlé
We are Nestlé, the largest food and beverage company in the world, with a presence in more than 185 countries. With net sales of CHF 94.4 billion in 2022, the company has over 291,000 employees and 418 factories in 85 countries. Our values are based on respect: respect for ourselves, respect for others, respect for diversity, and respect for our future. Nestlé is dedicated to offering high-quality food and beverage products and services that contribute to the nutrition, health, and well-being of people, pets, and the planet. Additionally, it is committed to being a leading company in sustainability and achieving net zero greenhouse gas emissions by 2050. Want to learn more? Visit us at: www.nestle.com
We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability.
Step outside your comfort zone; share your ideas, way of thinking and working to make a difference to the world, every single day. You own a piece of the action – make it count.
We are Nestlé, the largest food and beverage company. We are 308,000 employees strong driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for our future. With more than CHF 91.4 billion sales in 2018, we have an expansive presence with 413 factories in more than 85 countries. We believe our people are our most important asset, so we'll offer you a dynamic inclusive international working environment with many opportunities across different businesses, functions and geographies, working with diverse teams and cultures. Want to learn more? Visit us at www.nestle.com.
-
Cyber and Digital Security Specialist – Digital Protection
We are looking for Cyber and Digital Security Specialist – Digital Protection to be part of our Digital Protection Security team.
Position Snapshot
- Location: Bengaluru
- Type of Contract: Permanent
- IT Security & Compliance
- Type of work: Hybrid
- Work Language: Fluent Business English
The role
Cyber and Digital Security Specialist – Digital Protection: Under the supervision and guidance of their primary Community of Practice Lead and Product Group Manager, the Cyber and Digital Security Specialist – Digital Protection is responsible for establishing and maintaining security products, platforms and solutions designed to mitigate Digital IT risks across the Group to ensure that information assets are adequately protected. This person is responsible for the identification, evaluation, reporting and mitigation of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. This person will proactively work with IT and business units to implement practices that meet defined policies and standards for information security. The Cyber and Digital Security Specialist – Digital Protection continuously researches and stays on top of emerging security threats, technologies and trends.
What you’ll do
- Ensures new products, platforms and solutions are implemented "Secure & Compliant by Design".
- Works closely with Enterprise Architects, other functional area architects and other Security Specialists to ensure adequate security solutions are in place throughout all IT products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements.
- Understands and interacts with related disciplines to ensure the consistent application of policies and standards across all product groups; technology projects and systems, including, but not limited to, privacy, risk management, compliance and business continuity management.
- Conduct comprehensive risk assessments of architectural designs, identifying potential security gaps, vulnerabilities, and threats. Develop mitigation strategies and work closely with stakeholders to implement necessary security controls.
- Conduct comprehensive reviews of web application architectures to identify security vulnerabilities, weaknesses, and potential risks.
- Identify and recommend improvements to enhance the security of web application architectures, including but not limited to authentication, authorization, input validation, session management, and data protection mechanisms.
- Help business and IT with web applications security issues mitigation.
- Design, implement, and manage the Akamai edge protection product to protect Nestlé’s web applications from potential attacks and vulnerabilities.
- Configure and fine-tune the Akamai edge protection rules and policies to effectively mitigate web application security risks.
- Stay up-to-date with the latest security trends, vulnerabilities, and industry best practices related to Akamai edge protection and web application security
- Investigate and respond to security incidents related to web applications protected by Akamai edge protection, including incident analysis, containment, eradication, and recovery.
- Support Product Manager to design the roadmap for Digital Protection Security including the assessment of new vendors, tools, and solutions.
We offer you (Example. To be adapted per location)[NEL1]
We offer more than just a job. We put people first and inspire you to become the best version of yourself.
- Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc.
- Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.
- Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill!
- Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities.
Minimum qualifications: (max. 5)
- 7+ years of experience in a combination of Information Security Architecture or Web Application Firewall Jobs.
- Excellent written and verbal communication skills in English, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences (e.g. management, agencies, vendors).
- Experience determining technical security requirements by evaluating business strategies and needs following a risk-based approach, and describe associated data flows and security controls needed, interacting with a broad cross-section of personnel to explain and enforce security measures.
- Proven track record and experience developing cybersecurity architecture, policies and controls and successfully executing these into a live environment.
- Proven experience in conducting architecture reviews for web applications and identifying security vulnerabilities.
- Proven experience in assessing and protecting public-facing applications (websites, mobile, e-commerce) and determining the cybersecurity controls which are required.
- Excellent analytical and problem-solving skills, with the ability to quickly identify and respond to security incidents.
- Deep understanding of common information security frameworks, such as ISO 27001, NIST, MITRE and OWASP
- Deep understanding of industry standards and frameworks related to content delivery security, such as OWASP Top 10, PCI DSS, and ISO 27001.
- Experience deploying and operating preventative technologies such as WAF, anti-bot, anti-fraud technologies, integrated cybersecurity SDKs, and other preventative cybersecurity technologies.
Bonus Points If You: (max. 3)
- Have professional security, cloud or software architecture certifications, such as a CISSP, CISSP-ISSAP, CSSLP, GIAC, or other similar credentials, is preferred
- Have Knowledge of cloud security principles and experience with cloud-based web applications (e.g., AWS, Azure) is a plus.
- Proficiency in Python scripting and programming languages for automation and customization of security tools.
- Knowledge of content delivery network (CDN) principles, CDN security features, and associated technologies.
About the IT Hub
At Nestlé IT, we are a diverse, global team of IT professionals in the biggest health, nutrition and wellness company of the world. We strive to create an environment where people are valued for who they are. We innovate every day through future ready technologies to create opportunities for Nestlé to delight consumers, customers and employees alike. We collaborate with partners around the world to deliver tangible value at global scale. We continuously work to develop our people to be future ready.
About Nestlé
We are Nestlé, the largest food and beverage company in the world, with a presence in more than 185 countries. With net sales of CHF 94.4 billion in 2022, the company has over 291,000 employees and 418 factories in 85 countries. Our values are based on respect: respect for ourselves, respect for others, respect for diversity, and respect for our future. Nestlé is dedicated to offering high-quality food and beverage products and services that contribute to the nutrition, health, and well-being of people, pets, and the planet. Additionally, it is committed to being a leading company in sustainability and achieving net zero greenhouse gas emissions by 2050. Want to learn more? Visit us at: www.nestle.com
We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability.
Step outside your comfort zone; share your ideas, way of thinking and working to make a difference to the world, every single day. You own a piece of the action – make it count.
We are Nestlé, the largest food and beverage company. We are 308,000 employees strong driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for our future. With more than CHF 91.4 billion sales in 2018, we have an expansive presence with 413 factories in more than 85 countries. We believe our people are our most important asset, so we'll offer you a dynamic inclusive international working environment with many opportunities across different businesses, functions and geographies, working with diverse teams and cultures. Want to learn more? Visit us at www.nestle.com.
Bangalore, IN, 560103
Bangalore, IN, 560103