Loading...
Share this Job
Apply now »

Strategic Security Portfolio Architect

Strategic Security Portfolio Architect

Esplugues Llobregat, B, ES, 08950

Esplugues Llobregat, B, ES, 08950

Position Snapshot



Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
10 + years of experience in Information Security

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We transform how we use data with machine learning, advanced analytics, and introduce automation to drive Industry 4.0 opportunities in supply chain and manufacturing.

We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology. If this is you and you want to make an impact globally, join us and there will be no limits to your career.

Position Summary


In order to complete our Security and Compliance Department, we are currently looking for a Strategic Security Portfolio Architect.
 

In this position, you will, in alignment with the security and compliance product groups, develop information security architecture and technology solutions to address the current and emerging information security threats and compliance requirements of the organization. The Strategic Security Portfolio Architect translates technology and environmental conditions into system and security designs and processes to protect digital assets and data. You develop and maintain a security architecture process that enables the enterprise to develop and implement products and solutions that are secure and compliant by design and you create security roadmaps based on sound enterprise architecture practices. The role also liaises with partner management function to conduct security assessments of existing and prospective partners with other security architects and security practitioners to share best practices and insights, and with business continuity management to validate security practices. You will continue to improve the cyber resilience of the Nestlé Group developing and maintaining an effective and agile information security architectural framework, ensuring adherence to appropriate regulations and standards.

A day in the life of...

 

  • Ensure alignment between security architecture frameworks and standards and overall business and IT strategy.
  • Drive security and compliance requirements in cross-functional major IT initiatives.
  • Drive end-to-end architecture across security product offerings and lead the execution of critical architectural priorities for senior technology leaders to develop secure products.
  • Review security technologies, tools and services, and make recommendations to the broader security team for their use based on security, financial and operational metrics.
  • Perform security assessments of third party and internal applications and networks to define security requirements, and evaluating processes, network designs, and access controls.
  • Serve as an information security expert and trusted advisor to partners in IT and the business.
  • Coordinate with the privacy officer to document data flows of personal information within the organization and recommend controls to ensure this data is adequately secured.
  • Develop standards and practices for data protection within the organization based on the organization's information classification criteria.
  • Review existing security architecture, identifies design gaps, and recommends security enhancements.
  • Validate IS/IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risk where applicable.
  • Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors.
  • Liaise with other security architects and security practitioners, internally and externally, to share best practices and insights.
  • The Strategic Security Portfolio Architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues and should anticipate presenting analyses in person and in written formats.

 

What will make you successful

 

  • Ideally Bachelor's or Master's degree in Computer Science, Information Security, or a related field (e.g., IT Audit, Enterprise Risk Management, etc.), or equivalent professional experience
  • Desired Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent
  • 10+ years of experience in information security, preferably in a security architect role
  • 10+ years of experience with regulatory compliance and information security management frameworks (e.g., IS0/IEC 27000, COBIT, NIST 800, etc.)
  • Understanding of architecture methodologies such as SABSA, Zachman and TOGAF
  • Thorough understanding of enterprise risk management and reporting
  • Experience in dealing with large and complex projects in hybrid environments (on-prem, Cloud, multi-Cloud)
  • Influence cross-organizational leaders that can drive success for the individual development teams
  • Knowledge and understanding of the impact of emerging business and end-user technologies have on information security requirements and architecture
  • Build strong inter-personal relationships with peers and other key stakeholders that can help smooth execution
  • Effectively communicates in English at all levels within the organization
  • Experience working in a global environment and with virtual teams
  • Strong analysis and synthesis skills, including levels of abstraction
  • Strong presentation and communication skills, document writing skills


We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs

Position Snapshot



Location: Global IT HUB Barcelona (Esplugues de Llobregat)
Company: Nestle
Full-time position
10 + years of experience in Information Security

About IT at Nestlé


We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape of the FMCG industry, and a Digital Transformation at scale. We work with leading technologies and top external partners to provide solutions to enable Nestlé to engage with millions of consumers and customers worldwide. We transform how we use data with machine learning, advanced analytics, and introduce automation to drive Industry 4.0 opportunities in supply chain and manufacturing.

We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from candidates who have the courage to challenge; who believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers through responsible use of technology. If this is you and you want to make an impact globally, join us and there will be no limits to your career.

Position Summary


In order to complete our Security and Compliance Department, we are currently looking for a Strategic Security Portfolio Architect.
 

In this position, you will, in alignment with the security and compliance product groups, develop information security architecture and technology solutions to address the current and emerging information security threats and compliance requirements of the organization. The Strategic Security Portfolio Architect translates technology and environmental conditions into system and security designs and processes to protect digital assets and data. You develop and maintain a security architecture process that enables the enterprise to develop and implement products and solutions that are secure and compliant by design and you create security roadmaps based on sound enterprise architecture practices. The role also liaises with partner management function to conduct security assessments of existing and prospective partners with other security architects and security practitioners to share best practices and insights, and with business continuity management to validate security practices. You will continue to improve the cyber resilience of the Nestlé Group developing and maintaining an effective and agile information security architectural framework, ensuring adherence to appropriate regulations and standards.

A day in the life of...

 

  • Ensure alignment between security architecture frameworks and standards and overall business and IT strategy.
  • Drive security and compliance requirements in cross-functional major IT initiatives.
  • Drive end-to-end architecture across security product offerings and lead the execution of critical architectural priorities for senior technology leaders to develop secure products.
  • Review security technologies, tools and services, and make recommendations to the broader security team for their use based on security, financial and operational metrics.
  • Perform security assessments of third party and internal applications and networks to define security requirements, and evaluating processes, network designs, and access controls.
  • Serve as an information security expert and trusted advisor to partners in IT and the business.
  • Coordinate with the privacy officer to document data flows of personal information within the organization and recommend controls to ensure this data is adequately secured.
  • Develop standards and practices for data protection within the organization based on the organization's information classification criteria.
  • Review existing security architecture, identifies design gaps, and recommends security enhancements.
  • Validate IS/IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risk where applicable.
  • Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors.
  • Liaise with other security architects and security practitioners, internally and externally, to share best practices and insights.
  • The Strategic Security Portfolio Architect will be required to translate complex security-related matters into business terms that are readily understood by colleagues and should anticipate presenting analyses in person and in written formats.

 

What will make you successful

 

  • Ideally Bachelor's or Master's degree in Computer Science, Information Security, or a related field (e.g., IT Audit, Enterprise Risk Management, etc.), or equivalent professional experience
  • Desired Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or equivalent
  • 10+ years of experience in information security, preferably in a security architect role
  • 10+ years of experience with regulatory compliance and information security management frameworks (e.g., IS0/IEC 27000, COBIT, NIST 800, etc.)
  • Understanding of architecture methodologies such as SABSA, Zachman and TOGAF
  • Thorough understanding of enterprise risk management and reporting
  • Experience in dealing with large and complex projects in hybrid environments (on-prem, Cloud, multi-Cloud)
  • Influence cross-organizational leaders that can drive success for the individual development teams
  • Knowledge and understanding of the impact of emerging business and end-user technologies have on information security requirements and architecture
  • Build strong inter-personal relationships with peers and other key stakeholders that can help smooth execution
  • Effectively communicates in English at all levels within the organization
  • Experience working in a global environment and with virtual teams
  • Strong analysis and synthesis skills, including levels of abstraction
  • Strong presentation and communication skills, document writing skills


We offer an attractive and dynamic international working environment with constant opportunities for development, reflecting our conviction that people are our most important asset. If you want to work in an international multi-discipline team, believe you have the right profile and you are looking for a development opportunity apply now in English on our career website www.nestle.com/jobs

Apply now »