Loading...
Share this Job
Apply now »

Information Security Risk & Compliance Senior Specialist

Information Security Risk & Compliance Senior Specialist

Esplugues Llobregat, B, ES, 08950

Esplugues Llobregat, B, ES, 08950

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
7+ years in IT Security Risk & Compliance

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology.

In order to complete our IS/IT Security Risk & Compliance Department, we are currently looking for an Information Security Risk and Compliance Senior Specialist. 

Position Summary


In this position, you will be responsible for providing effective and efficient tools, processes and frameworks to ensure IS/IT Teams are able to drive all their risk, compliance and security requirements through the management systems and that proper reporting is made available to the management to allow risk based decisions. The management systems enable the IS/IT teams globally to identify, document, measure and address its IT risk and compliance requirements, including but not limited to data protection, privacy, 3rd party/vendor, information security and procurement. 
 

A day in the life of...



•    Sustain and improve tools and processes to support an integrated Risk, Compliance & Security Framework (including regulatory requirements such as PCI or GDPR).
•    Contributes to the definition, maintenance and improvement of an integrated risk, compliance & security index through the implementation of KRIs and KPIs
•    Collaborate with Audit function to ensure one source of truth through the integration of reporting corrective & preventative actions and audit findings  
•    Support the execution of IS/IT audit activities and requests 
•    Drive root cause analysis across audits and reviews to identify and document required improvements in tools and processes
•    Support risk identification and control mapping for all solutions and processes in IT products and other IS/IT teams using the Nestlé Security, Risk & Compliance framework and management system
•    Advise on and promote importance of IS/IT related Risk, Compliance and Security outside the IS/IT community 
 

What will make you successful



•    7+ years of experience in a combination of IT risk management, IT compliance, information security and IS/IT jobs with good knowledge of complex technology environments 
•    Undergraduate degree in the field of computer science, law, IS/IT Security, Quality Management or business administration; graduate degree in one these fields preferred 
•    Industry-related compliance, risk or security management certification is preferred (e.g., CISA, CISSP, ISO27001 Lead Auditor, etc.) 
•    Demonstrated ability to apply IS/IT-related knowledge and experience in solving compliance issues 
•    Experience developing and submitting IS/IT audit and compliance reports 
•    Direct experience and knowledge of regional, national and local information technology laws, regulations and standards (e.g., GDPR, ISO27001, NIST, ITIL etc.) 
•    Demonstrated understanding of cloud services, data processing, hardware platforms, enterprise software applications, and outsourced systems  
•    General knowledge of business theory, processes, management, budgeting & office operations 
•    Solid understanding of product management principles  desired
•    Experience with effective communication at different levels in the organization and in English 
•    Experience having worked in a global environment and with virtual teams. 


We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. 

If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs
 

Position Snapshot


Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
7+ years in IT Security Risk & Compliance

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology.

In order to complete our IS/IT Security Risk & Compliance Department, we are currently looking for an Information Security Risk and Compliance Senior Specialist. 

Position Summary


In this position, you will be responsible for providing effective and efficient tools, processes and frameworks to ensure IS/IT Teams are able to drive all their risk, compliance and security requirements through the management systems and that proper reporting is made available to the management to allow risk based decisions. The management systems enable the IS/IT teams globally to identify, document, measure and address its IT risk and compliance requirements, including but not limited to data protection, privacy, 3rd party/vendor, information security and procurement. 
 

A day in the life of...



•    Sustain and improve tools and processes to support an integrated Risk, Compliance & Security Framework (including regulatory requirements such as PCI or GDPR).
•    Contributes to the definition, maintenance and improvement of an integrated risk, compliance & security index through the implementation of KRIs and KPIs
•    Collaborate with Audit function to ensure one source of truth through the integration of reporting corrective & preventative actions and audit findings  
•    Support the execution of IS/IT audit activities and requests 
•    Drive root cause analysis across audits and reviews to identify and document required improvements in tools and processes
•    Support risk identification and control mapping for all solutions and processes in IT products and other IS/IT teams using the Nestlé Security, Risk & Compliance framework and management system
•    Advise on and promote importance of IS/IT related Risk, Compliance and Security outside the IS/IT community 
 

What will make you successful



•    7+ years of experience in a combination of IT risk management, IT compliance, information security and IS/IT jobs with good knowledge of complex technology environments 
•    Undergraduate degree in the field of computer science, law, IS/IT Security, Quality Management or business administration; graduate degree in one these fields preferred 
•    Industry-related compliance, risk or security management certification is preferred (e.g., CISA, CISSP, ISO27001 Lead Auditor, etc.) 
•    Demonstrated ability to apply IS/IT-related knowledge and experience in solving compliance issues 
•    Experience developing and submitting IS/IT audit and compliance reports 
•    Direct experience and knowledge of regional, national and local information technology laws, regulations and standards (e.g., GDPR, ISO27001, NIST, ITIL etc.) 
•    Demonstrated understanding of cloud services, data processing, hardware platforms, enterprise software applications, and outsourced systems  
•    General knowledge of business theory, processes, management, budgeting & office operations 
•    Solid understanding of product management principles  desired
•    Experience with effective communication at different levels in the organization and in English 
•    Experience having worked in a global environment and with virtual teams. 


We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. 

If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs
 

Apply now »