Loading...
Share this Job
Apply now »

Cyber and Digital Security Senior Specialist - Infrastructure Security

Cyber and Digital Security Senior Specialist - Infrastructure Security

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
Grade: H
10+ years experience in Risk Management, Information Security and Infrastructure Security 

About IT at Nestlé



We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology.

Position Summary


 

In order to complete our Security and Compliance Department, we are currently looking for a Cyber and Digital Security Senior Specialist – Infrastructure Security. 
 

In this position, you will be responsible for establishing and maintaining security products, platforms and solutions designed to mitigate IS/IT risks across Nestlé Group to ensure that information assets are adequately protected. You will be responsible for the identification, evaluation and reporting of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. As Cyber and Digital Security Senior Specialist you will proactively work with IS/IT and business units to implement practices that meet defined policies and standards for information security; you will also act as a security business partner for the IS/IT Product Groups, you will represent Security in various core team meetings. Last but not least, you will also research and stay on top of emerging security threats, technologies and trends.

A day in the life of...

 

  • Serve as a security expert in infrastructure design and deployment, database design, and/or platform (operating system) efforts, helping product teams comply with enterprise and IS/IT security policies, industry regulations and best practices
  • Liaise with Enterprise Architects, other functional area architects and other Security Specialists to ensure adequate security solutions are in place throughout all IS/IT products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements
  • Ensure new products, platforms and solutions are implemented "Secure & Compliant by Design"
  • Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices
  • Understand and interact with related disciplines to ensure the consistent application of policies and standards across all product groups; technology projects and systems, including, but not limited to, privacy, risk management, compliance and business continuity management
  • Work directly with Product Managers, BRMs and IS/IT Customers to facilitate business IS/IT risk assessment and risk management processes, and work with stakeholders through the enterprise on identifying acceptable levels of residual risk
  • Provide periodic reporting on the current status of the information security program to enterprise risk teams, senior business and IS/IT leaders as part of a strategic enterprise risk management program
  • Provide strategic risk guidance for IS/IT projects and product management, including the evaluation and recommendation of technical controls

What will make you successful

 

  • Degree in business administration or a technology-related field, or equivalent work- or education-related experience
  • 10+ years of experience in a combination of risk management, information security and IS/IT jobs, vendor and project management, at least 5 years of experience in infrastructure security
  • Successful experience in implementing Next Generation Network Security products from vendors such as Check Point, Fortinet, Palo-Alto
  • Successful experience deploying network security controls in public clouds such as Azure, Google Cloud, AWS 
  • Proven track record developing information security policies and procedures and successfully executing programs and projects that meet objectives of excellence in a dynamic environment
  • Successful experience designing secure WLAN infrastructure, BYOD policy development and client authentication and authorization models
  • Successful experience with network access policy reporting and workflow tools such as Firemon, AlgoSec, Tufin, etc.
  • Experience in effective communication at different level in the organization, very good level of  English
  • Preference to have worked in a global environment and with virtual teams
  • Knowledge and understanding of relevant legal and regulatory requirements, General Data Protection Regulation (GDPR), Payment Card Industry/Data Security Standard (PCI) or relevant local or global laws, standards and regulations
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Check Point Managed Security Expert (CCMSE), Palo Alto Networks Certified Network Security Administrator (PCNSA) or other similar credentials, is preferred
  • Knowledge of common information security management frameworks, such as ISO 27001, IS/ITIL, COBIS/IT and NIST
  • Excellent analytical skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment and meet overall objectives
  • Must be a critical thinker with strong problem-solving skills and high level of personal integrity


We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. 

If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs

 

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
Grade: H
10+ years experience in Risk Management, Information Security and Infrastructure Security 

About IT at Nestlé



We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology.

Position Summary


 

In order to complete our Security and Compliance Department, we are currently looking for a Cyber and Digital Security Senior Specialist – Infrastructure Security. 
 

In this position, you will be responsible for establishing and maintaining security products, platforms and solutions designed to mitigate IS/IT risks across Nestlé Group to ensure that information assets are adequately protected. You will be responsible for the identification, evaluation and reporting of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. As Cyber and Digital Security Senior Specialist you will proactively work with IS/IT and business units to implement practices that meet defined policies and standards for information security; you will also act as a security business partner for the IS/IT Product Groups, you will represent Security in various core team meetings. Last but not least, you will also research and stay on top of emerging security threats, technologies and trends.

A day in the life of...

 

  • Serve as a security expert in infrastructure design and deployment, database design, and/or platform (operating system) efforts, helping product teams comply with enterprise and IS/IT security policies, industry regulations and best practices
  • Liaise with Enterprise Architects, other functional area architects and other Security Specialists to ensure adequate security solutions are in place throughout all IS/IT products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements
  • Ensure new products, platforms and solutions are implemented "Secure & Compliant by Design"
  • Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices
  • Understand and interact with related disciplines to ensure the consistent application of policies and standards across all product groups; technology projects and systems, including, but not limited to, privacy, risk management, compliance and business continuity management
  • Work directly with Product Managers, BRMs and IS/IT Customers to facilitate business IS/IT risk assessment and risk management processes, and work with stakeholders through the enterprise on identifying acceptable levels of residual risk
  • Provide periodic reporting on the current status of the information security program to enterprise risk teams, senior business and IS/IT leaders as part of a strategic enterprise risk management program
  • Provide strategic risk guidance for IS/IT projects and product management, including the evaluation and recommendation of technical controls

What will make you successful

 

  • Degree in business administration or a technology-related field, or equivalent work- or education-related experience
  • 10+ years of experience in a combination of risk management, information security and IS/IT jobs, vendor and project management, at least 5 years of experience in infrastructure security
  • Successful experience in implementing Next Generation Network Security products from vendors such as Check Point, Fortinet, Palo-Alto
  • Successful experience deploying network security controls in public clouds such as Azure, Google Cloud, AWS 
  • Proven track record developing information security policies and procedures and successfully executing programs and projects that meet objectives of excellence in a dynamic environment
  • Successful experience designing secure WLAN infrastructure, BYOD policy development and client authentication and authorization models
  • Successful experience with network access policy reporting and workflow tools such as Firemon, AlgoSec, Tufin, etc.
  • Experience in effective communication at different level in the organization, very good level of  English
  • Preference to have worked in a global environment and with virtual teams
  • Knowledge and understanding of relevant legal and regulatory requirements, General Data Protection Regulation (GDPR), Payment Card Industry/Data Security Standard (PCI) or relevant local or global laws, standards and regulations
  • Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Check Point Managed Security Expert (CCMSE), Palo Alto Networks Certified Network Security Administrator (PCNSA) or other similar credentials, is preferred
  • Knowledge of common information security management frameworks, such as ISO 27001, IS/ITIL, COBIS/IT and NIST
  • Excellent analytical skills, able to manage multiple projects under strict timelines, work well in a demanding dynamic environment and meet overall objectives
  • Must be a critical thinker with strong problem-solving skills and high level of personal integrity


We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. 

If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs

 

Esplugues Llobregat, B, ES, 08950

Esplugues Llobregat, B, ES, 08950

Apply now »