Risk and Compliance Specialist - Ciudad de México - Nestle

Nestle

Empresa verificada

Ciudad de México

hace 1 semana

Publicado por:

Rodrigo Fernández

Reclutador de talento para beBee

Descripción

About IT Nestlé

We are a team of IT professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition, and wellness company of the world.

We innovate every day through forward-looking technologies to create opportunities for Nestlé's digital challenges with our consumers, customers and at the workplace.

We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value.

In our IT Security & Compliance Team we are supporting Nestle to improve IT security and compliant ways of working.

We are shaping the IT Compliance frame to be in line with external and internal requirements.

You will be responsible to enhance the processes in different IT Compliance areas like Nestlé IT Standards, Data Privacy and Contract Management for 3rd parties and vendors related to IT Security & Compliance expectations.

This role requires a good understanding and collaboration on the one hand internally in our team and on the other hand with other parts of the company from Legal team to Procurement and Audit.

Furthermore, you need closely work together with central teams as well as local contacts in the different markets.

To enable this, you will be responsible for supporting the definition and providing the tools, processes, and frameworks to support IT risk & control management in Nestlé.

Key responsibilities

Sustain and improve tools and processes to support an integrated Risk, Compliance & Security Framework (including regulatory requirements such as Data Privacy).
Collaborate with Audit function to ensure one source of truth through the integration of reporting corrective & preventative actions and audit findings
Advise on and promote importance of related IT Risk, IT Compliance and Security outside the IS/IT community especially with legal and procurement teams
Drive root cause analysis of audit results and review documentation to embed improvements in tools and processes by clear definitions in IT Standards and practice documents
Support risk identification and control mapping for all solutions and processes in IT products and other IS/IT teams using the Nestlé Security, Risk & Compliance framework and management system.

Required Profile:

5+ years of experience in a combination of IT Risk management, IT Compliance, Information Security, and IS/IT jobs with good knowledge of complex technology environments
Undergraduate degree in the field of computer science, IS/IT Security, law, Quality Management; graduate degree in one these fields preferred
Industryrelated Compliance, Risk or Security management certification is preferred (e.g., CISA, CISM, CISSP, ISO27001, Lead Auditor, etc.)
Experience developing and submitting IS/IT audit and compliance reporting
Direct experience and knowledge of global, regional and local Information Technology laws, regulations and standards (e.g., GDPR, ISO27001, NIST, ITIL etc.)
General knowledge of business theory, processes, management, budgeting & office operations
Solid understanding of IT Product Management principles desired
Experience with effective communication at different levels in the organization and in English
Experience having worked in a global environment and with virtual teams.