IS/IT Risk&Compliance Senior Specialist
Esplugues Llobregat, B, ES, 08950
Nestlé
Nestlé is the world's largest food & beverage company. We unlock the power of food to enhance quality of life for everyone, today and for generations to come.

We are looking for a Senior Risk and Compliance Specialist to join our IT Marketing sales and eCommerce (MSE) stream in Barcelona.
Position Snapshot:
- Work locations: Barcelona, Milano, Mexico, Bangalore - Nestlé IT Hubs.
- Type of Contract: Permanent.
- Function and Stream: IT Marketing, Sales and eCommerce.
- Type of Work: Hybrid.
- Work Language: Fluent Business English.
The Role:
We are looking for a Senior Risk and Compliance Specialist, responsible for maintaining, supporting, and continuously improving the current compliance and security management systems (ISMS) in our product-based organization. The role is part of the transversal Operations team, yet the new candidate will work closely with the Security Stream and collaborate with the Markets when needed.
The security management systems enable the IT teams globally to identify, document, measure and address compliance and security requirements, including but not limited to data protection, privacy, 3rd party/vendor, information security and procurement.
We operate using a risk-based approach, and the Risk and Compliance Specialist's responsibilities include ensuring that product teams can develop appropriate risk treatment plans for the risks they own. Additionally, as a specialist, you must collaborate with product teams to verify whether these risks are adequately covered by the existing controls or if additional measures are required.
To enable this, in collaboration with the security teams, you will be responsible for providing the tools, processes and frameworks to support IT Security and Compliance in Nestlé.
What You’ll Do:
- Be responsible for implementing, coaching, reporting, and continuously improving Risk, Compliance & Security through the Nestlé Compliance and Information Security management system.
- Support the implementation of Compliance Frameworks for new Products (i.e. ISMS RAs, Archer Controls, Compliance Enabler Network SPOCs).
- Support risk identification and controls mapping for all solutions and processes in product groups and other IT teams using the Nestlé Security, Risk & Compliance framework and management systems.
- Coach and develop teams in identifying and managing Risk, Compliance & Security gaps through documented corrective & preventative actions, tracking them through the risk management system (Archer).
- Be responsible for tracking the various security and compliance KPIs and taking action with the different product groups and other IT teams when required.
- Lead and drive internal and external audits as well as Internal independent reviews: preparing and coordinating all impacted teams.
- Maintenance of ISMS documentation as well as preparation and execution of the Risk Assessment exercises, following the ISMS framework.
- Be the Stream ambassador of all security-related matters, helping bring this topic to the forefront of the conversation. Become the single point of contact within the different product groups when they have questions or concerns related to Security and/or Compliance, as well as with other IT Teams.
- Being aware and connected to different ways of working and championing change towards a more productive operation model in this area.
We Offer You:
We offer more than just a job. We put people first and inspire you to become the best version of yourself!
- Great benefits including salary and a comprehensive social benefits package. We have one of the best pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc.
- Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.
- Hybrid working environment with a flexible working scheme. Our state-of-the-art campus is dog-friendly and equipped with a medical center, canteen, and areas to co-create, network, and chill!
- Recreation activities such as yoga, Zumba, etc., and a wide range of volunteering activities.
Join our global team of IT professionals at Nestlé, driving daily innovation and leveraging cutting-edge technologies to address digital opportunities. Grow professionally in a dynamic and impactful environment, collaborating with business partners worldwide to deliver integrated technology solutions!
What Will Make You a Great Fit:
- 7+ years of experience in a combination of risk management, compliance, information security and IT jobs.
- Graduate degree in the field of computer science, law, IT Security, Quality Management or business administration.
- Industry-related compliance, risk or security management certification is preferred.
- Experience in preparing, running/facilitating Risk Assessments.
- Exposure to audits (internal and external) and knowledge of how to run them effectively.
- Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
- Experience developing and submitting IT audit and compliance reports.
- Experience with effective communication at different levels in the organization and in English.
- Experience having worked in a global environment and with virtual teams.
Not a 100% match? No worries! Nestlé supports your personal growth with customized development solutions.
What You Can Expect in Your Application Journey:
1. Hit apply and enter our job portal.
2. Submit your application with your CV.
3. We will contact relevant applicants.
4. Interviews (HR, Hiring team, and stakeholders).
5. Feedback.
6. We make an offer.
7. Location-dependent checks and pre-onboarding.
8. First working day.
About Nestlé:
We are Nestlé, the largest food and beverage company with brands including KitKat, Nescafé, Maggi, Purina, among many others. We are approximately 275,000 employees strong, motivated by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity, and respect for our future. With more than CHF 94.4 billion in sales in 2022, we have an expansive presence, with 344 factories in 77 countries. Want to learn more? Visit us at www.nestle.com.
We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief, and disability.