Sr. Risk & Compliance Specialist

We are looking for a Risk and Compliance Specialist to join our IT Workforce 360 stream in Barcelona.

Position Snapshot :

• Type of Contract : Permanent
• Function and Stream : IT Workforce 360 stream
• Type of Work : Hybrid
• Work Language : Fluent Business English

The Role :

Under the supervision and guidance of her / his primary Community of Practice Lead and IT Service Management (ITSM) / Digital Employee Experience (DEX) Product Group Manager based in Barcelona, the Risk and Compliance Specialist is responsible for implementing, coaching, and supporting an integrated risk, compliance, and security management systems in accordance with the business risk appetite.

The management systems enable the IT teams globally to identify, document, measure, and address their compliance requirements, including but not limited to data protection, privacy, 3rd party / vendor, information security, and procurement.

The Risk and Compliance Specialist's responsibilities include ensuring the teams are able to drive all their risks, compliance, and security requirements through the management system, ensuring compliant and secure products & platforms meeting the business risk appetite.

To enable this, in collaboration with the security teams, s / he is responsible for providing the tools, processes, and frameworks to support IT Compliance in Nestlé and for conducting IT controls testing. S / he is an active member of the ITSM / DEX Leadership Team.

What You’ll Do :

• Be responsible for implementing, coaching, and reporting on Risk, Compliance & Security through the Nestlé Compliance and Information Security management system within IT Service Management / DEX.
• Support risk identification and controls mapping for all solutions and processes in product / product groups and other IT teams using the Nestlé Security, Risk & Compliance framework and management system.
• Be responsible for conducting controls testing, management system reviews, and reporting to assess the IT compliance and management system.
• Support all IT teams in identifying and applying Internal and External (legal, regulatory, and commercial) compliance requirements.
• Support the implementation of Compliance Frameworks for new Products (i.e. ISMS RAs, Archer Controls, Compliance Enabler Network SPOCs) via an advisory role, and also by developing and coaching new teams / individuals.
• Be responsible for the ITSM / DEX Compliance Enablers network - S&C cascade and meetings.
• Coach and support teams in managing Risk, Compliance & Security gaps through documented corrective & preventative actions, tracked through the management system.
• Provide guidance and support to IT teams in implementing by design the required IT compliance in their solutions to meet the desired level of compliance maturity and risk appetite in the Nestlé Framework.
• Be responsible for tracking the compliance through relevant metrics.

We Offer You :

• Great benefits including salary and a comprehensive social benefits package. We have one of the best pension plans on the market, as well as flexible remuneration with tax advantages : health insurance, restaurant card, mobility plan, etc.
• Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.
• Hybrid working environment with a flexible working scheme. Our state-of-the-art campus is dog-friendly and equipped with a medical center, canteen, and areas to co-create, network, and chill!
• Recreation activities such as yoga, Zumba, etc., and a wide range of volunteering activities.

Join our global team of IT professionals at Nestlé, driving daily innovation and leveraging cutting-edge technologies to address digital opportunities. Grow professionally in a dynamic and impactful environment, collaborating with business partners worldwide to deliver integrated technology solutions!

What Will Make You a Great Fit :

• 5+ years of experience in a combination of risk management, compliance, information security, and IT jobs.
• Undergraduate degree in the field of computer science, law, IT Security, Quality Management, or business administration; graduate degree in one of these fields preferred.
• Industry-related compliance, risk, or security management certification is preferred.
• Experience in preparing, running / facilitating ISMS Risk Assessments; familiarity with ITSM / DEX Product Groups and services is a plus.
• Demonstrated ability to apply IT-related knowledge and experience in solving compliance issues.
• Experience developing and submitting IT audit and compliance reports.
• Experience with effective communication at different levels in the organization and in English.
• Experience having worked in a global environment and with virtual teams.

Not a 100% match? No worries! Nestlé supports your personal growth with customized development solutions.

What You Can Expect in Your Application Journey :

• Hit apply and enter our job portal.
• Submit your application with your CV.
• We will contact relevant applicants.
• Interviews (HR, Hiring team, and stakeholders).
• Feedback.
• We make an offer.
• Location-dependent checks and pre-onboarding.