.Product Manager - Third Party Assurance & Risk We are looking for a Product Manager - Third Party Assurance & Risk to be part of our IT Security and Compliance Department:Position Snapshot:Location: Barcelona, SpainType of Contract: PermanentStream: IT Security & ComplianceType of work: HybridWork Language: Fluent Business EnglishThe role:Drive our program to ensure Nestlé's partners maintain the required levels of Cyber Security to protect Nestlé's operations and data. Your role will be to enhance and evolve our capabilities to categorize, agree controls, monitor them and where necessary audit those operated by Nestlé partners. Working with procurement and the different functions ensure that Nestlé's resilience is not negatively impacted by the cyber security of our third parties.What you'll do:Maintain & enhance the Nestlé's framework of controls and tools to ensure the cyber security of partners, including defining the long-term business capability processes, automation, and digitalization roadmap.Work in collaboration with procurement and procurement legal to ensure that cyber security control requirements are built into the contracts and engagements as new contracts are created.Collaborate with other Nestlé IT teams to develop an approach to ensure Nestlé can provide assurance when approached as a partner to others.Maintain & enhance the Cloud Governance Framework and strengthen the visibility and monitoring of SaaS Cloud solutions.Ensure third party assurance and risk processes are aligned with other Nestlé IT product teams.We offer you:Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc.Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill!Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities.Minimum Requirements:Bachelor's degree or higher, preferably in computer science or a related field.15+ years of experience in Security & Compliance in large organizations.Strong understanding of information risk and security guidelines, architecture standards and frameworks (ISO 27001, COBIT, NIST) and Secure & Compliant by Design.Demonstrated experience of optimizing processes to minimize risks while enabling business agility.Experience with effective communication at different levels in the organization and virtual teams working in English.Bonus Points if you:Legal Background / Experience with Contract negotiations.Prior experience of implementation of a Third Party Assurance Program