Sr. Risk & Compliance Specialist

Risk and Compliance Specialist

We are looking for a Risk and Compliance Specialist to join our IT Workforce 360 stream in Barcelona

Position Snapshot:

• Type of Contract: Permanent
• Function and Stream: IT Workforce 360 stream
• Type of Work: Hybrid
• Work Language: Fluent Business English

The Role:
Under the supervision and guidance of her/his primary Community of Practice Lead and IT Service Management (ITSM) / Digital Employee Experience (DEX) Product Group Manager based in Barcelona, the Risk and Compliance Specialist is responsible for implementing, coaching and supporting an integrated risk, compliance and security management systems in accordance to the business risk appetite. 

The management systems enable the IT teams globally to identify, document, measure and address its compliance requirements, including but not limited to data protection, privacy, 3rd party/vendor, information security and procurement. 

The Risk and Compliance Specialist's responsibilities include ensuring the teams are able to drive all their risks, compliance and security requirements through the management system, ensuring compliant and secure products & platforms meeting the business risk appetite. 

To enable this, in collaboration with the security teams, s/he is responsible for providing the tools, processes and frameworks to support IT Compliance in Nestle and for conducting IT controls testing.  S/he is an active member of the ITSM / DEX Leadership Team.

What You’ll Do:
As a Risk and Compliance Specialist, you will:

• Be responsible for implementing, coaching and reporting on Risk, Compliance & Security through the Nestlé Compliance and Information Security management system within IT Service Management / DEX
• Support risk identification and controls mapping for all solutions and processes in product/product groups and other IT teams using the Nestlé Security, Risk & Compliance framework and management system
• Be responsible for conducting controls testing, management system reviews and reporting to assess the IT compliance and management system
• Support all IT teams in identifying and applying Internal and External (legal, regulatory and commercial) compliance requirements
• Support the implementation of Compliance Frameworks for new Products (i.e. ISMS RAs, Archer Controls, Compliance Enabler Network SPOCs) via an advisory role, and also by developing and coaching new teams/individuals
• Be responsible for the ITSM / DEX Compliance Enablers network - S&C cascade and meetings.
• Coach and support teams in managing Risk, Compliance & Security gaps through documented corrective & preventative actions, tracked through the management system
• Provide guidance and support to IT teams in implementing by design the required IT compliance in their solutions to meet the desired level of compliance maturity and risk appetite in the Nestlé Framework 
• Be responsible for tracking the compliance through relevant metrics

We Offer You:
We offer more than just a job. We put people first and inspire you to become the best version of yourself!

• Great benefits including salary and a comprehensive social benefits package. We have one of the best pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc.
• Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.
• Hybrid working environment with a flexible working scheme. Our state-of-the-art campus is dog-friendly and equipped with a medical center, canteen, and areas to co-create, network, and chill!
• Recreation activities such as yoga, Zumba, etc., and a wide range of volunteering activities.

Join our global team of IT professionals at Nestlé, driving daily innovation and leveraging cutting-edge technologies to address digital opportunities. Grow professionally in a dynamic and impactful environment, collaborating with business partners worldwide to deliver integrated technology solutions!

What Will Make You a Great Fit:

• 5+ years of experience in a combination of risk management, compliance, information security and IT jobs
• Undergraduate degree in the field of computer science, law, IT Security, Quality Management or business administration; graduate degree in one these fields preferred
• Industry-related compliance, risk or security management certification is preferred
• Experience in preparing, running/facilitating ISMS Risk Assessments, a plus is to be familiar with ITSM / DEX Product Groups and services
• Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues
• Experience developing and submitting IT audit and compliance reports
• Experience with effective communication at different levels in the organization and in English
• Experience having worked in a global environment and with virtual teams

Not a 100% match? No worries! Nestlé supports your personal growth with customized development solutions.

What You Can Expect in Your Application Journey:

1. Hit apply and enter our job portal.
2. Submit your application with your CV.
3. We will contact relevant applicants.
4. Interviews (HR, Hiring team, and stakeholders).
5. Feedback.
6. We make an offer.
7. Location-dependent checks and pre-onboarding.
8. First working day.

About Nestlé:
We are Nestlé, the largest food and beverage company with brands including KitKat, Nescafé, Maggi, Purina, among many others. We are approximately 275,000 employees strong, motivated by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity, and respect for our future. With more than CHF 94.4 billion in sales in 2022, we have an expansive presence, with 344 factories in 77 countries. Want to learn more? Visit us at www.nestle.com.
We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief, and disability.