To strengthen our Global Tech Hub in Barcelona, we are looking for an IT Operations Specialist in Security & Compliance to join our Product Stream Operations Team in the Finance and Legal Department.
Position Snapshot :
Location : Nestlé Global Hub in Barcelona, Spain
Stream : IT Finance&Control and Legal
Type of Contract : Permanent
Type of Work : Hybrid
Work Language : Fluent Business English
The role
Supported by the Product Stream Operations Manager, you will guide and educate the Product Group Managers and their teams with regards to Security & Compliance.
You will support them as they work to resolve compliance issues. You will oversee the stream’s compliance with internal and external policies, standards, and regulations.
You will also ensure that the appropriate actions, checks, and reviews are in place to deliver a risk-based continuous improvement management system for compliance.
You will oversee and guide vendor project services on transversal projects such as upgrades, and actively participate in or lead other strategic initiatives.
What you’ll do
- Work closely with the Product teams to understand their solutions and be a guardian on information security.
- Help assess & Identify risks within the Information Security Management System (ISMS ISO 27001 : 2022) framework as well as report on security risks and non-compliance issues.
- Support the implementation of the Information Security Management System (ISMS) including risk assessments, Independent Internal Reviews, and external (re)certification audits.
- Collaborate with the product teams to build remediation plans, standard routines for control procedures and execute controls to mitigate identified risks.
- Maintain effective and trusted relationships with Head of Stream, Product Group Managers and their teams, ISMS Leads, Security & Compliance teams, the Legal SPOC, Solution Architects, Regional Compliance SPOCs and other major stakeholders.
- Support in scope solutions with internal and external audits and provide guidance on the definition and execution of audit remediation plans.
- Provide guidance to application owners on the controls required for new solutions.
- Monitor performance measures and highlight action areas to the teams.
- Encourage and drive a strong Security and Compliance mindset and related behaviours.
- Oversee the definition, testing, and implementation of cross product projects, such as SAP and non-SAP upgrades and maintenance, with our vendor service.
- Advocate best practices across the stream.
- Collaborate closely with peers in the F&L product stream operations team, ensuring alignment and shared ownership.
We offer you
- We offer more than just a job. We put people first and inspire you to become the best version of yourself.
- Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages : health insurance, restaurant card, mobility plan, etc.
- Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.
- Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill!
- Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities.
Minimum qualifications :
- Bachelor’s or master’s degree in information systems, Business Administration, Engineering or related discipline, or equivalent work experience.
- 5+ years of experience in diverse roles including some exposure to risk management, information security, and compliance.
- Project management experience.
- Understanding & experience of Infrastructure, Application, Web, Cloud & User Security.
- Very strong organizational skills with a systematic and thorough approach to work
- Excellent verbal and written communication skills, with a particularly strong ability to gain buy-in from product teams and business stakeholders.
- Experience working in a global environment and collaborating with virtual teams.
- Experience collaborating with vendor teams.
- Familiarity with traditional and agile program management methodologies
- Ability to communicate effectively at various levels within the organization, particularly through English.
- Can-do mindset with an appetite for continuous improvement
- Familiarity with tools and technologies such as Archer, ServiceNow, BPML, Solman, SAP, and Azure DevOps.
Bonus Points If You :
Have industry related compliance, risk or security management certification is desirable, , Information Security Management System (ISMS ISO 27001 : 2022) certification.
About the IT Hub
At Nestlé IT, we are a diverse, global team of IT professionals in the biggest health, nutrition and wellness company of the world.
We strive to create an environment where people are valued for who they are. We innovate every day through future ready technologies to create opportunities for Nestlé to delight consumers, customers and employees alike.
We collaborate with partners around the world to deliver tangible value at global scale. We continuously work to develop our people to be future ready.
We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability.
Step outside your comfort zone; share your ideas, way of thinking and working to make a difference to the world, every single day.
You own a piece of the action make it count.
Join Nestlé’s IT Hub #beaforceforgood
How we will proceed :
You send us your CV We contact relevant applicants Interviews Feedback Job Offer communication to the Finalist First working day