IS / IT Risk&Compliance Senior Specialist

Press Tab to Move to Skip to Content Link

We are looking for a Senior Risk and Compliance Specialist to join our IT Marketing, Sales, and eCommerce (MSE) stream in Barcelona.

Position Snapshot :

• Type of Contract: Permanent
• Function and Stream: IT Marketing, Sales, and eCommerce
• Type of Work: Hybrid
• Work Language: Fluent Business English

The Role :

As a Senior Risk and Compliance Specialist, you will be responsible for maintaining, supporting, and improving our compliance and security management systems (ISMS) within our product-based organization. You will work closely with the Security Stream and collaborate with markets as needed, supporting global IT teams in identifying, documenting, and addressing compliance and security requirements, including data protection, privacy, third-party/vendor management, information security, and procurement.

You will operate using a risk-based approach, enabling product teams to develop risk treatment plans and verifying whether existing controls adequately cover identified risks or if additional measures are necessary. You will also provide tools, processes, and frameworks to support IT Security and Compliance initiatives across Nestlé.

What You’ll Do :

• Implement, coach, report on, and improve Risk, Compliance & Security processes within the Nestlé Compliance and Information Security management system.
• Support the implementation of compliance frameworks for new products, including ISMS risk assessments, Archer controls, and Compliance Enabler Network SPOCs.
• Assist in risk identification and control mapping across solutions and processes in collaboration with product and IT teams, utilizing Nestlé’s Security, Risk & Compliance frameworks.
• Coach teams to identify and manage gaps in Risk, Compliance & Security, tracking corrective and preventive actions through Archer.
• Monitor security and compliance KPIs, taking corrective actions when necessary.
• Lead and coordinate internal and external audits and reviews, preparing impacted teams.
• Maintain ISMS documentation and facilitate risk assessment exercises following ISMS frameworks.
• Serve as the security and compliance ambassador within the stream, acting as the main contact for related questions or concerns, and promoting awareness and best practices.

We Offer You :

• Competitive salary and a comprehensive benefits package, including pension plans, health insurance, restaurant card, and mobility plans.
• Opportunities for personal and professional growth through ongoing training and career development.
• Hybrid working environment with flexible schedules, a state-of-the-art campus, and amenities such as a medical center, canteen, and social areas.
• Recreation activities like yoga and Zumba, along with volunteering opportunities.

Join our global team at Nestlé, where you will drive innovation and leverage cutting-edge technologies in a collaborative environment with international partners.

What Will Make You a Great Fit :

• 7+ years of experience in risk management, compliance, information security, or related IT roles.
• Graduate degree in computer science, law, IT Security, Quality Management, or business administration.
• Industry-related certifications in compliance, risk, or security are preferred.
• Experience with risk assessments, audits, and developing IT audit and compliance reports.
• Excellent communication skills in English and experience working in a global, virtual team environment.

Not a perfect match? No worries! Nestlé supports your personal growth with customized development solutions.

Application Process :

1. Apply via our job portal with your CV.
2. We will contact suitable candidates.
3. Attend interviews with HR, the hiring team, and stakeholders.
4. Receive feedback and an offer if selected.
5. Complete location-specific checks and pre-onboarding.

We are Nestlé, a leading food and beverage company with brands like KitKat, Nescafé, Maggi, and Purina. With approximately 275,000 employees and CHF 94.4 billion in sales (2022), we operate globally with a commitment to enhancing quality of life and respecting diversity. Learn more at our website. We encourage applicants from diverse backgrounds and identities to apply.