It Risk & Compliance Specialist

Detalles de la oferta

**About IT in Nestlé**
We are a team of IT professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition and wellness company of the world. We innovate every day through forward-looking technologies to create opportunities for Nestlé's digital challenges with our consumers, customers and at the workplace. We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value.

Optimizing the ways of working through automation and innovation. Under the supervision and guidance of her/his primary Line Manager and Product Manager based in Spain, the Specialist IT Compliance role is to assess, oversee and drive all compliance issues within his/her area (product, product group, stream) including but not limited to information security, data protection, privacy, 3rd party/vendor and procurement. The role includes evaluating the unit's compliance with internal and extrenal policies, standards and regulations, assessing the risks associated with each product and supporting the product teams in documenting and implementing corrective and ensuring the appropriate actions, checks and reviews are in place to deliver a risk based continuous improvement management system for compliance. To enable this, s/he is responsible for providing the tools, processes and frameworks to support IT Compliance in Nestlé and for conducting IT Cloud controls testing.

**Position Snapshot**
**Location**: Nestlé México
**Stream**: IT Security & Compliance
**Type of Contract**: Permanent

**Key Responsibilities**:
**General Outputs**
Responsible for driving Risk, Compliance & Security as a management system within the product/product group team:

- Ensures the proper implementation, management and follows up of Risk, Compliance & Security within product/product groups
- Ensures risk identification and controls mapping for all solutions and processes in product/product groups using the Nestlé Risk, Compliance & Security framework
- Coordinates audit-related tasks such as ensuring the readiness of IS/IT Product Managers, Partner Delivery Managers and their organizations for audits testing and facilitating the timely resolution of any audit findings
- Ensures Risk, Compliance & Security gaps within the product/product groups are documented in corrective & preventative actions and tracked through the management system
- Facilitates the creation and modification of all technology compliance policies and frameworks owned by their product/product groups
- Supports the product/product group teams on implementing by design the required IS/IT compliance in their solutions to meet the desired level of compliance maturity in the Nestlé Framework
- Responsible for tracking the product/product groups compliance through relevant metrics and driving continuos improvement through the management system

**Tools, Processes and Frameworks**
Responsible for implementing and sustaining the tools and process for the Nestlé Cloud Compliance Framework:

- Implements tools and process to support an integrated Risk, Compliance & Security Framework
- Maintains the management system through continuous review and evaluation of external frameworks and standards (e.g., ISO27001, COBIT, NIST, ITIL etc.)
- Maintains and develops the Cyber Risk Framework to address the evolving risk environment
- Develops and sustains the Controls Library by translating Nestlé, Regulatory & Industry standards into actionable control points
- Collaborate with Audit, IT & NBE support functions to ensure one source of truth through integration of reporting corrective & preventative actions and audit findings
- Processes and procedures for lifecycle management of all technology compliance policies, standards and frameworks in Nestlé, including exceptions management
- Responsible for defining maintaining an integrated risk, compliance & security index

**Regulatory & Audit Outputs**
- Supports the execution of IT audit activities and requests
- Works with IT teams and internal and external Auditors, tracking and following up all IT audits, internal review or regulatory findings as corrective & preventative actions through the management systems
- Validates root causes have been addressed prior to closure of corrective & preventative actions
- Supports IT teams in ensuring the required levels of documentation and evidence to support audit and regulatory requirements
- Drives root cause analysis across audits and reviews to identify and document required improvements in tools, processes and documentation in the cloud framework
- Supports IT teams in the execution and follow-up of Partner Compliance Audits regarding the cloud framework

**Required Profile**:

- At least 5 years of experience in a combination of risk management, compliance, information security and IT audit jobs.
- Undergraduate degree in the field of computer sc


Salario Nominal: A convenir

Fuente: Whatjobs_Ppc

Requisitos

Becario Perfilador De Datos Chuburna

Capturar y actualizar bases de datos Manejo de Excel Intermedio (Tablas dinámicas, fórmulas básicas, búsquedas) Comunicación Oral y Escrita Organizado Traba...


Tecnoguía Empresarial - Yucatán

Publicado 5 days ago

Manager, Client Experience Technical

**A LITTLE BIT ABOUT Boldr**: - Boldr is the first global B-Corp dedicated to delivering world-class Client experiences while creating access to dignified, ...


Boldr - Yucatán

Publicado 5 days ago

Technical Lead Software Development Engineer, Android

About the teamZillow started in 2006 and is the most visited real estate website in the United States with over 10.5 billion visits in 2022, and an average o...


Zillow - Yucatán

Publicado 5 days ago

Salesforce Administrator

We're looking for someone with a strong background in Salesforce Sales Cloud, Salesforce Service Cloud, and SFDC Configure Price Quote (CPQ). If you're colla...


Unosquare - Yucatán

Publicado 5 days ago

Built at: 2024-11-23T09:19:05.540Z