Apply now »

IS/IT Risk and Compliance Specialist (PCI)

IS/IT Risk and Compliance Specialist (PCI)

We are looking for an IS/IT Risk and Compliance Specialist (PCI) to be part of our Nestlé Nespresso Digital and Tech Team. 
 

Position Snapshot 

 

  • Location: Nespresso Hub, Barcelona. Spain. 

  • Type of Contract: Permanent.  

  • Type of work: Hybrid.

  • Work Language: Fluent Business English. 

 

The Role  

 

As an IS/IT Risk and Compliance Specialist (PCI) you will be ensuring the organization's compliance with Payment Card Industry Data Security Standard (PCI DSS) requirements and protecting sensitive cardholder data. Under the supervision and guidance of the primary Community of Practice Lead, you will be responsible for assisting with implementing, coaching and supporting an integrated risk, compliance and security management systems in accordance with the business risk appetite that safeguards IS/IT systems and payment card information. Additionally, as a PCI Compliance Specialist, you will be assisting with PCI assessments (including market assessments) and managing reports on remediation efforts. 

 

In This Role, You Will: 

  • Assist in identifying and mapping controls for solutions and processes related to PCI compliance within product/product groups and other IT teams. 

  • Collaborate with cross-functional teams to identify and map controls for solutions and processes, ensuring adherence to the Nestlé Security, Risk & Compliance framework. 

  • Contribute to the successful implementation of new security initiatives and projects within the organization, with a focus on protecting cardholder data. 

  • Assist in conducting comprehensive controls testing, management system reviews, and reporting to assess IT compliance and management system effectiveness. 

  • Act as a trusted partner to Nespresso global markets, offering guidance and support on IT risk and compliance matters. 

  • Track changes to the PCI-DSS regulatory requirements and assist the organization to adapt and implement controls to maintain PCI compliance.  

  • Review and assist in certifying PCI Internal Self-Assessment Questionnaires. 

  • Track and follow up on IT audits, internal reviews, or regulatory findings as corrective and preventative actions. 

 

What We’re Looking For: 

  • Bachelor's degree in Computer Science or similar. 

  • 3+ years working with compliance regulations and standards, with a focus on PCI-DSS compliance. 

  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. 

  • Experience developing and submitting IT audits and compliance reports. 

  • Experience with effective communication at different levels in the organization and in English. 

 

Extra Skills That Set You Apart:  

  • Demonstrated understanding of cloud services, data processing, hardware platforms, enterprise software applications and outsourced systems. 

  • General knowledge of business processes, management, and operations. 

  • Proven analytical, evaluative and problem-solving skills. 

 

We offer you: 

We offer more than just a job. We put people first and inspire you to become the best version of yourself. 

  • Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc. 

  • Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset. 

  • Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill! 

  • Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities. 

 

The Hiring Process: 

Your Application → Submit your application, and we'll review it carefully (make sure your CV is in English as the hiring team is international).  

Initial Screening → Relevant candidates will be contacted by our Talent Acquisition team for an initial interview.   

Hiring Manager Interview → Selected candidates will then meet with the hiring manager to discuss the role and their experience in more detail.   

Stakeholder Interview → Candidates will engage with potential team members to assess fit and collaboration.     

Feedback → After interviews, we provide feedback to all candidates.   

Job Offer → Successful candidates will receive a formal offer.   

First Working Day → Once the offer is accepted, we’ll welcome you on your first day! 

 

About Nespresso   

 

The Nespresso story began with a simple but revolutionary idea: enable anyone to create the perfect cup of espresso coffee. 

 

Since 1986, Nespresso has redefined and revolutionized the way millions of people enjoy their coffee. 

 

We are a Company committed with the Climate change and we aim to achieve carbon neutrality as soon as possible and net-zero GHG emissions by 2050 at the latest. 

In 2019 we created the digital hub in Barcelona to offer the best customer experience and innovation to B2C and B2B channels.  

 

We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability. 

People are at the heart of our success – all 14,000 of them. We actively cultivate diversity, inclusion and belonging in the workplace. We celebrate individuality, believing that your authenticity and uniqueness can help us to grow and thrive together 

Step outside your comfort zone; share your ideas, way of thinking and working to make a difference to the world, every single day. You own a piece of the action – make it count.  

Join Nestlé #beaforceforgood 

We are looking for an IS/IT Risk and Compliance Specialist (PCI) to be part of our Nestlé Nespresso Digital and Tech Team. 
 

Position Snapshot 

 

  • Location: Nespresso Hub, Barcelona. Spain. 

  • Type of Contract: Permanent.  

  • Type of work: Hybrid.

  • Work Language: Fluent Business English. 

 

The Role  

 

As an IS/IT Risk and Compliance Specialist (PCI) you will be ensuring the organization's compliance with Payment Card Industry Data Security Standard (PCI DSS) requirements and protecting sensitive cardholder data. Under the supervision and guidance of the primary Community of Practice Lead, you will be responsible for assisting with implementing, coaching and supporting an integrated risk, compliance and security management systems in accordance with the business risk appetite that safeguards IS/IT systems and payment card information. Additionally, as a PCI Compliance Specialist, you will be assisting with PCI assessments (including market assessments) and managing reports on remediation efforts. 

 

In This Role, You Will: 

  • Assist in identifying and mapping controls for solutions and processes related to PCI compliance within product/product groups and other IT teams. 

  • Collaborate with cross-functional teams to identify and map controls for solutions and processes, ensuring adherence to the Nestlé Security, Risk & Compliance framework. 

  • Contribute to the successful implementation of new security initiatives and projects within the organization, with a focus on protecting cardholder data. 

  • Assist in conducting comprehensive controls testing, management system reviews, and reporting to assess IT compliance and management system effectiveness. 

  • Act as a trusted partner to Nespresso global markets, offering guidance and support on IT risk and compliance matters. 

  • Track changes to the PCI-DSS regulatory requirements and assist the organization to adapt and implement controls to maintain PCI compliance.  

  • Review and assist in certifying PCI Internal Self-Assessment Questionnaires. 

  • Track and follow up on IT audits, internal reviews, or regulatory findings as corrective and preventative actions. 

 

What We’re Looking For: 

  • Bachelor's degree in Computer Science or similar. 

  • 3+ years working with compliance regulations and standards, with a focus on PCI-DSS compliance. 

  • Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues. 

  • Experience developing and submitting IT audits and compliance reports. 

  • Experience with effective communication at different levels in the organization and in English. 

 

Extra Skills That Set You Apart:  

  • Demonstrated understanding of cloud services, data processing, hardware platforms, enterprise software applications and outsourced systems. 

  • General knowledge of business processes, management, and operations. 

  • Proven analytical, evaluative and problem-solving skills. 

 

We offer you: 

We offer more than just a job. We put people first and inspire you to become the best version of yourself. 

  • Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc. 

  • Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset. 

  • Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill! 

  • Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities. 

 

The Hiring Process: 

Your Application → Submit your application, and we'll review it carefully (make sure your CV is in English as the hiring team is international).  

Initial Screening → Relevant candidates will be contacted by our Talent Acquisition team for an initial interview.   

Hiring Manager Interview → Selected candidates will then meet with the hiring manager to discuss the role and their experience in more detail.   

Stakeholder Interview → Candidates will engage with potential team members to assess fit and collaboration.     

Feedback → After interviews, we provide feedback to all candidates.   

Job Offer → Successful candidates will receive a formal offer.   

First Working Day → Once the offer is accepted, we’ll welcome you on your first day! 

 

About Nespresso   

 

The Nespresso story began with a simple but revolutionary idea: enable anyone to create the perfect cup of espresso coffee. 

 

Since 1986, Nespresso has redefined and revolutionized the way millions of people enjoy their coffee. 

 

We are a Company committed with the Climate change and we aim to achieve carbon neutrality as soon as possible and net-zero GHG emissions by 2050 at the latest. 

In 2019 we created the digital hub in Barcelona to offer the best customer experience and innovation to B2C and B2B channels.  

 

We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability. 

People are at the heart of our success – all 14,000 of them. We actively cultivate diversity, inclusion and belonging in the workplace. We celebrate individuality, believing that your authenticity and uniqueness can help us to grow and thrive together 

Step outside your comfort zone; share your ideas, way of thinking and working to make a difference to the world, every single day. You own a piece of the action – make it count.  

Join Nestlé #beaforceforgood 

Esplugues Llobregat, B, ES, 08950

Esplugues Llobregat, B, ES, 08950

Apply now »