IT Security & compliance executiveNestle AG
Salary: Agreement
Work form: Full time
Posting Date: 20/11/2025
Deadline: 04/09/2023
Job Description
Joining Nestl means you are joining the largest Food and Beverage Company in the world. At our very core, we are a human environment - passionate people driven by the purpose of enhancing the quality of life and contributing to a healthier future. A Nestle career empowers you to make an impact locally and globally, as you are provided with the opportunity to make a mark and stand out, as long as you seek it. With Nestle, you are enabled and encouraged to grow not only as professionals, but also as people.
OVERVIEW:
The IT Risk & Compliance Functional Relationship Manager, together with Market IT Business Relationship Manager, Functional Relationship Managers, and Business & IT Application Owners, will partner with business stakeholders to implement and sustain Nestl Security & Compliance frameworks. Ensures the proper implementation, management and sustenance of Risk, Compliance & Security within the Market. S/He will be overall responsible for the implementation of the Information Security Management System of the company ensuring compliance to the Industry Standards. S/He works with the market IT Applications Owners to ensure new and existing solutions are implemented and sustained secure & compliant by design.
S/He will support the alignment of local business requirements and local Regulatory & Legal IT Compliance requirements with the Security & Compliance Product teams through the use of ISMS Framework. S/He advocates and supports the deployment of global security & compliance solutions. S/He will be responsible for driving the awareness of Security & Compliance, practices, standards and behaviors across the Market organization including Senior Stakeholders.
As a Functional Relationship Manager, S/he represent the Business for IT and IT for the Business and will be involved in transparent communications, facilitation of issue resolution, triggering escalations processes when required, and gain a deep understanding of the IT organization, stakeholders and governance.
KEY RESPONSIBILITIES:
As the IT Security and Compliance Exec
Partner with internal and external stakeholders to define, plan, execute and refine strategy, definitions, and roadmaps to execute the market's Information Security Management System (ISMS) and maintain the market's ISO 27001 certification.
Plan/execute the market's Information Security Management System (ISMS)
Drive the continuous improvement of Security & Compliance posture by leading the Risk, Control & Applications owners through the ISMS Framework
Ensure the implementation of IT Standards and Global Controls
Ensures risk identification and controls mapping for all solutions and processes in market using the Nestl Risk, Compliance & Security framework
Ensures market engagement in Security Incident & Event response, first point in market for Cyber Security Operations Center (CSOC).
Provide insight into business disruptions caused by P1/P2 and unplanned outages
Represents the market teams with the auditors, supports market in providing documentation required to meet regulatory requirements (e.g. PCI, GxP)
Ensures market is trained in reporting Risk, Compliance & Security incidents, and events to meet internal & external requirements
Oversees the development & roll out of the Risk, Compliance & Security capability framework for their unit
Roll out, Promote and track of the Security & Compliance awareness and behavior training for market
Coaches & trains local teams on the implementation and management of risks, controls, and corrective actions through the implementation of the Nestl Compliance & Information Security Management System
Trains market teams on standards, policies, frameworks, and regulatory requirements
Identifies gaps between the desired level of compliance capability and the current level of maturity and propose and implement adjustments in capability development for market
As the Functional Relationship Manager
Accountable for ensuring all applications within their product are delivered and maintained secure and compliant with internal standards and external regulations, including privacy requirements, Business Continuity Plans etc.
Gain a deep understanding of functional Business objectives, processes, governance and challenges. Strong relationships with Business key stakeholders
Makes the link between specific business objectives, activities, initiatives, projects or programs and IT in order to identify, forecast and deliver multi-product group integrated value.
Works with product managers to ensure the business capabilities and business requirements are met in terms of integration of technical architecture across one or more product groups based on enterprise business strategy.
Steers the integration and adoption of solutions between receiver and product / product group / platform. Ensures the integration between multiple products is driven to generate value for the receiver.
QUALIFICATIONS:
10+ years of experience in information technology focusing ininformation security and compliance or data privacy is required.
Stakeholder management experience with proven record of successfully managing complex stakeholder network.
Experience working for or with a global matrixed organization including with virtual teams
Strong understanding of information risk, security guidelines, and IT Architecture internal and external standards.
Understanding of security regulation and information security related legislation.
Understanding of information systems architecture, including networking, application security controls and security devices
Ability to apply IT-related knowledge and experience in solving compliance gaps.
CERTIFICATIONS:
Systems Security Professional (CISSP),Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), ISO/IC 27001 Lead Implementer Certification, Certificate of Cloud Security Knowledge (CCS) or other similar credentials, is preferred. Knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT and NIST.
We are Nestl, the largest food and beverage company. We are 308,000 employees strong driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for our future. With more than CHF 91.4billion sales in 2018, we have an expansive presence with 413factories in more than 85countries. We believe our people are our most important asset, so we'll offer you a dynamic inclusive international working environment with many opportunities across different businesses, functions and geographies, working with diverse teams and cultures. Want to learn more Visit us at www.nestle.com.
Joining Nestl means you are joining the largest Food and Beverage Company in the world. At our very core, we are a human environment - passionate people driven by the purpose of enhancing the quality of life and contributing to a healthier future. A Nestle career empowers you to make an impact locally and globally, as you are provided with the opportunity to make a mark and stand out, as long as you seek it. With Nestle, you are enabled and encouraged to grow not only as professionals, but also as people.
OVERVIEW:
The IT Risk & Compliance Functional Relationship Manager, together with Market IT Business Relationship Manager, Functional Relationship Managers, and Business & IT Application Owners, will partner with business stakeholders to implement and sustain Nestl Security & Compliance frameworks. Ensures the proper implementation, management and sustenance of Risk, Compliance & Security within the Market. S/He will be overall responsible for the implementation of the Information Security Management System of the company ensuring compliance to the Industry Standards. S/He works with the market IT Applications Owners to ensure new and existing solutions are implemented and sustained secure & compliant by design.
S/He will support the alignment of local business requirements and local Regulatory & Legal IT Compliance requirements with the Security & Compliance Product teams through the use of ISMS Framework. S/He advocates and supports the deployment of global security & compliance solutions. S/He will be responsible for driving the awareness of Security & Compliance, practices, standards and behaviors across the Market organization including Senior Stakeholders.
As a Functional Relationship Manager, S/he represent the Business for IT and IT for the Business and will be involved in transparent communications, facilitation of issue resolution, triggering escalations processes when required, and gain a deep understanding of the IT organization, stakeholders and governance.
KEY RESPONSIBILITIES:
As the IT Security and Compliance Exec
Partner with internal and external stakeholders to define, plan, execute and refine strategy, definitions, and roadmaps to execute the market's Information Security Management System (ISMS) and maintain the market's ISO 27001 certification.
Plan/execute the market's Information Security Management System (ISMS)
Drive the continuous improvement of Security & Compliance posture by leading the Risk, Control & Applications owners through the ISMS Framework
Ensure the implementation of IT Standards and Global Controls
Ensures risk identification and controls mapping for all solutions and processes in market using the Nestl Risk, Compliance & Security framework
Ensures market engagement in Security Incident & Event response, first point in market for Cyber Security Operations Center (CSOC).
Provide insight into business disruptions caused by P1/P2 and unplanned outages
Represents the market teams with the auditors, supports market in providing documentation required to meet regulatory requirements (e.g. PCI, GxP)
Ensures market is trained in reporting Risk, Compliance & Security incidents, and events to meet internal & external requirements
Oversees the development & roll out of the Risk, Compliance & Security capability framework for their unit
Roll out, Promote and track of the Security & Compliance awareness and behavior training for market
Coaches & trains local teams on the implementation and management of risks, controls, and corrective actions through the implementation of the Nestl Compliance & Information Security Management System
Trains market teams on standards, policies, frameworks, and regulatory requirements
Identifies gaps between the desired level of compliance capability and the current level of maturity and propose and implement adjustments in capability development for market
As the Functional Relationship Manager
Accountable for ensuring all applications within their product are delivered and maintained secure and compliant with internal standards and external regulations, including privacy requirements, Business Continuity Plans etc.
Gain a deep understanding of functional Business objectives, processes, governance and challenges. Strong relationships with Business key stakeholders
Makes the link between specific business objectives, activities, initiatives, projects or programs and IT in order to identify, forecast and deliver multi-product group integrated value.
Works with product managers to ensure the business capabilities and business requirements are met in terms of integration of technical architecture across one or more product groups based on enterprise business strategy.
Steers the integration and adoption of solutions between receiver and product / product group / platform. Ensures the integration between multiple products is driven to generate value for the receiver.
QUALIFICATIONS:
10+ years of experience in information technology focusing ininformation security and compliance or data privacy is required.
Stakeholder management experience with proven record of successfully managing complex stakeholder network.
Experience working for or with a global matrixed organization including with virtual teams
Strong understanding of information risk, security guidelines, and IT Architecture internal and external standards.
Understanding of security regulation and information security related legislation.
Understanding of information systems architecture, including networking, application security controls and security devices
Ability to apply IT-related knowledge and experience in solving compliance gaps.
CERTIFICATIONS:
Systems Security Professional (CISSP),Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), ISO/IC 27001 Lead Implementer Certification, Certificate of Cloud Security Knowledge (CCS) or other similar credentials, is preferred. Knowledge of common information security management frameworks, such as ISO 27001, ITIL, COBIT and NIST.
We are Nestl, the largest food and beverage company. We are 308,000 employees strong driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect: respect for ourselves, respect for others, respect for diversity and respect for our future. With more than CHF 91.4billion sales in 2018, we have an expansive presence with 413factories in more than 85countries. We believe our people are our most important asset, so we'll offer you a dynamic inclusive international working environment with many opportunities across different businesses, functions and geographies, working with diverse teams and cultures. Want to learn more Visit us at www.nestle.com.
Submit profile
Nestle AG
About the company
Nestle AG jobs
Philippines
Position IT Security & compliance executive recruited by the company Nestle AG at , Joboko automatically collects the salary of , finds more jobs on IT Security & Compliance Executive or Nestle AG company in the links above