Loading...
Share this Job
Apply now »

Cyber Digital Security Senior Specialist - Application Security

Cyber Digital Security Senior Specialist - Application Security

Esplugues Llobregat, B, ES, 08950

Esplugues Llobregat, B, ES, 08950

Position Snapshot

Nestlé Global Tech Hub in Barcelona, Spain                                         

Permanent Contract,

act. rate 100%
 

About IT in Nestlé

We are a team of IT professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition and wellness company of the world. We innovate every day through forward-looking technologies to create opportunities for Nestlé’s digital challenges with our consumers, customers and at the workplace. We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value. 

Position Summary

 
In order to complete our Security & Compliance Department, we are currently looking for a Cyber Digital Security Senior Specialist – Application Security. Together with a group of security specialists, your mission is to assess and protect Digital Properties of the Nestlé Group.

Key responsibilities

•    Directly contribute to growth and development related to our Application Security Testing (AST) and Web Application Firewall (WAF) solution and practices. 
•    Analyzing and developing policies and solutions to support AST and WAF security on an enterprise scale.
•    Liase with IT teams and vendors to implement, improve and solve operational issues and findings related to AST and WAFs.
•    Assist with project efforts to design security controls and processes that solve business problems.
•    Serve as a security expert in Application Security, helping product teams comply with enterprise and IS/IT security policies, industry regulations and best practices.
•    Determine security requirements by evaluating business strategies and requirements following a risk-based approach, evaluate gaps and derived risks, and assess corresponding action plans.
•    Supports the implementation and enforcement of secure design principles according to policies, standards, and patterns of Information Security.
•    Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices. 
•    Defend and translate to stakeholders technical choices from a security perspective.

Job Requirements

•    Solid experience in assessing and protecting public-facing applications.
•    Software development or application security testing experience, and exposed to WAF, SecDevOps, OWASP Top 10 and other frameworks: including analyzing, architecting fixes for, and leading developers in remediating code-level vulnerabilities.
•    Experience determining security requirements by evaluating business strategies and requirements following a risk-based approach, and describe associated data flows and security controls needed, interacting with a broad cross-section of personnel to explain and enforce security measures.

Education / Years of Experience

•    Degree in a technology-related field, or equivalent work- or education-related experience. 
•    5+ years of experience in a combination of risk management, information security and IS/IT jobs. 

Preferred Qualifications

•    Professional security, cloud and software architecture certifications, such as a CISSP, CISSP-ISSAP, CSSLP, GIAC, AWS Solution Architect, Azure Solutions Architect or other similar credentials, is preferred. 
•    Knowledge of common information security management frameworks, such as ISO 27001 and NIST. 

Personal Qualities that will help you succeed in this role

•    Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences (e.g. management, agencies, vendors).
•    High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. 
•    Team player, high degree of initiative, dependability and ability to work with little supervision. 
•    Highly collaborative approach paired with excellent communication skills to balance trade-offs, pushbacks and negotiations to reach goals.

Join us!

Show us that you are an enthusiastic, curious, fast learner and team player person who is used to work with agile practices. Your ability to be flexible, self-motivated and your willingness to deliver on a deadline will set you apart among the other candidates. Please don’t hesitate and apply in English at www.nestle.com/jobs. We are excited to hear from you!  
  
The Nestlé Group is the world’s largest food and beverage company with 89.8 billion Swiss Francs in sales in 2017. It is present in 189 countries around the world, has 413 factories and its 323,000 employees are committed to Nestlé’s purpose of enhancing quality of life and con-tributing to a healthier future. Nestlé offers a wide portfolio of products and services for people and their pets throughout their lives. Its more than 2000 brands range from global icons like Nescafé or Nespresso to local favorites. Company performance is driven by its Nutrition, Health and Wellness strategy. Nestlé is based in the Swiss town of Vevey where it was founded more than 150 years ago. Learn more about our Group and reasons to join us on www.nestle.com 
 

Position Snapshot

Nestlé Global Tech Hub in Barcelona, Spain                                         

Permanent Contract,

act. rate 100%
 

About IT in Nestlé

We are a team of IT professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition and wellness company of the world. We innovate every day through forward-looking technologies to create opportunities for Nestlé’s digital challenges with our consumers, customers and at the workplace. We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value. 

Position Summary

 
In order to complete our Security & Compliance Department, we are currently looking for a Cyber Digital Security Senior Specialist – Application Security. Together with a group of security specialists, your mission is to assess and protect Digital Properties of the Nestlé Group.

Key responsibilities

•    Directly contribute to growth and development related to our Application Security Testing (AST) and Web Application Firewall (WAF) solution and practices. 
•    Analyzing and developing policies and solutions to support AST and WAF security on an enterprise scale.
•    Liase with IT teams and vendors to implement, improve and solve operational issues and findings related to AST and WAFs.
•    Assist with project efforts to design security controls and processes that solve business problems.
•    Serve as a security expert in Application Security, helping product teams comply with enterprise and IS/IT security policies, industry regulations and best practices.
•    Determine security requirements by evaluating business strategies and requirements following a risk-based approach, evaluate gaps and derived risks, and assess corresponding action plans.
•    Supports the implementation and enforcement of secure design principles according to policies, standards, and patterns of Information Security.
•    Develop, maintain and publish up-to-date security policies, standards and guidelines, and oversee training and dissemination of security policies and practices. 
•    Defend and translate to stakeholders technical choices from a security perspective.

Job Requirements

•    Solid experience in assessing and protecting public-facing applications.
•    Software development or application security testing experience, and exposed to WAF, SecDevOps, OWASP Top 10 and other frameworks: including analyzing, architecting fixes for, and leading developers in remediating code-level vulnerabilities.
•    Experience determining security requirements by evaluating business strategies and requirements following a risk-based approach, and describe associated data flows and security controls needed, interacting with a broad cross-section of personnel to explain and enforce security measures.

Education / Years of Experience

•    Degree in a technology-related field, or equivalent work- or education-related experience. 
•    5+ years of experience in a combination of risk management, information security and IS/IT jobs. 

Preferred Qualifications

•    Professional security, cloud and software architecture certifications, such as a CISSP, CISSP-ISSAP, CSSLP, GIAC, AWS Solution Architect, Azure Solutions Architect or other similar credentials, is preferred. 
•    Knowledge of common information security management frameworks, such as ISO 27001 and NIST. 

Personal Qualities that will help you succeed in this role

•    Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences (e.g. management, agencies, vendors).
•    High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity. 
•    Team player, high degree of initiative, dependability and ability to work with little supervision. 
•    Highly collaborative approach paired with excellent communication skills to balance trade-offs, pushbacks and negotiations to reach goals.

Join us!

Show us that you are an enthusiastic, curious, fast learner and team player person who is used to work with agile practices. Your ability to be flexible, self-motivated and your willingness to deliver on a deadline will set you apart among the other candidates. Please don’t hesitate and apply in English at www.nestle.com/jobs. We are excited to hear from you!  
  
The Nestlé Group is the world’s largest food and beverage company with 89.8 billion Swiss Francs in sales in 2017. It is present in 189 countries around the world, has 413 factories and its 323,000 employees are committed to Nestlé’s purpose of enhancing quality of life and con-tributing to a healthier future. Nestlé offers a wide portfolio of products and services for people and their pets throughout their lives. Its more than 2000 brands range from global icons like Nescafé or Nespresso to local favorites. Company performance is driven by its Nutrition, Health and Wellness strategy. Nestlé is based in the Swiss town of Vevey where it was founded more than 150 years ago. Learn more about our Group and reasons to join us on www.nestle.com 
 

Apply now »