
IS/IT Risk & Compliance Specialist - PCI Compliance Management

Esplugues Llobregat, B, ES, 08950

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestlé
Full-time position

About IT at Nestlé

 

We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We transform how we use data with machine learning, advanced analytics, and introduce automation to drive Industry 4.0 opportunities in supply chain and manufacturing.

We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology. If this is you and you want to make an impact globally, join us and there will be no limits to your career.
 

Position Summary


In order to complete our IS/IT Security & Compliance Department, we are currently looking for an IS/IT Risk and Compliance Specialist – PCI Compliance Management.
 
In this position, you will be responsible for implementing, coaching and supporting an integrated risk, compliance and security management system in accordance with the business risk appetite. The Risk and Compliance Specialist's responsibilities include ensuring that teams are able to drive all their risk, compliance and security requirements, resulting in compliant and secure products & platforms. To enable this, you will be responsible for providing the tools, processes and frameworks to support IS/IT Compliance in Nestlé and for conducting IS/IT controls testing, with a particular focus on PCI Compliance.
 

A day in the life of...

 
● Support risk identification and control mapping for all solutions and processes in product/product groups and other IS/IT teams using the Nestlé Security, Risk & Compliance framework and management system.
● Responsible for developing, building and enhancing Security & Compliance reports & metrics.
● Supports IT units in identifying and applying internal and external (legal, regulatory and commercial) compliance requirements, with a particular focus on PCI-DSS and consumer data privacy.
● Coordinates audit-related tasks, including SAQ audits, ensuring the readiness of IS/IT Product Managers, Partner Delivery Managers and their organizations for audit testing and facilitating the timely resolution of any audit findings.
● Support all IS/IT teams in identifying and applying Internal and External (legal, regulatory and commercial) compliance requirements.
● Coach and support teams in managing Risk, Compliance & Security gaps through documented corrective & preventative actions, tracked through the management system.
● Provide guidance and support to IS/IT teams in implementing by design the required IS/IT compliance in their solutions to meet the desired level of compliance maturity and risk appetite in the Nestlé Framework. 
● Implement tools and processes to support an integrated Risk, Compliance & Security Framework (including regulatory requirements such as PCI, GDPR, Quality etc.).
● Sustain the Controls Library by translating Nestlé, Regulatory & Industry standards into actionable control points.
● Supports and advises product managers on any IS/IT compliance questions, with a focus on external requirements for PCI & Privacy and on the Nestlé internal compliance requirements.
● Processes and procedures for lifecycle management of all technology compliance policies, standards and frameworks in Nestlé, including exceptions management.
● Drive root cause analysis across audits and reviews to identify and document required improvements in tools, processes and documentation.

What will make you successful



● 6+ years of experience in a combination of risk management, compliance, information security and IS/IT jobs, and 2+ years of experience in PCI as an ISA or QSA.
● Undergraduate degree in the field of computer science, IS/IT Security or Quality Management; graduate degree in one of these fields preferred.
● Industry-related compliance, risk or security management certification is preferred. 
● Demonstrated ability to apply IS/IT-related knowledge and experience in solving compliance issues.
● Experience developing and submitting IS/IT audit and compliance reports is required.
● Good knowledge of technology environments.
● Demonstrated understanding of cloud services, data processing, hardware platforms, enterprise software applications and outsourced systems.
● Experience with effective communication at different levels in the organization and in English.
● Experience having worked in a global environment and with virtual teams.

We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. 
If you want to work in an international multi-discipline team, believe you have the right profile and are looking for a development opportunity, apply now in English on our career website www.nestle.com/jobs.
