Product Manager - Third Party Assurance & RiskWe are looking for a Product Manager - Third Party Assurance & Risk to be part of our IT Security and Compliance Department:
Position Snapshot: Location: Barcelona, SpainType of Contract: PermanentStream: IT Security & ComplianceType of work: HybridWork Language: Fluent Business EnglishThe role: Drive our program to ensure Nestlé's partners maintain the required levels of Cyber Security to protect Nestlé's operations and data. Your role will be to enhance and evolve our capabilities to categorize, agree controls, monitor them and where necessary audit those operated by Nestlé partners. Working with procurement and the different functions ensure that Nestlé's resilience is not negatively impacted by the cyber security of our third parties.
What you'll do: Maintain & enhance the Nestlé's framework of controls and tools to ensure the cyber security of partners, including defining the long-term business capability processes, automation, and digitalization roadmap.Work in collaboration with procurement and procurement legal to ensure that cyber security control requirements are built into the contracts and engagements as new contracts are created.Collaborate with other Nestlé IT teams to develop an approach to ensure Nestlé can provide assurance when approached as a partner to others.Maintain & enhance the Cloud Governance Framework and strengthen the visibility and monitoring of SaaS Cloud solutions.Ensure third party assurance and risk processes are aligned with other Nestlé IT product teams.We offer you: Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc.Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create network and chill!Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities.Minimum Requirements: Bachelor's degree or higher, preferably in computer science or a related field.15+ years of experience in Security & Compliance in large organizations.Strong understanding of information risk and security guidelines, architecture standards and frameworks (ISO 27001, COBIT, NIST) and Secure & Compliant by Design.Demonstrated experience of optimizing processes to minimize risks while enabling business agility.Experience with effective communication at different levels in the organization and virtual teams working in English.Bonus Points if you: Legal Background / Experience with Contract negotiations.Prior experience of implementation of a Third Party Assurance Program.Experience with TPRM and SSPM solutions and services.About the IT Hub At Nestlé IT, we are a diverse, global team of IT professionals in the biggest health, nutrition and wellness company in the world. We strive to create an environment where people are valued for who they are. We innovate every day through future-ready technologies to create opportunities for Nestlé to delight consumers, customers and employees alike. We collaborate with partners around the world to deliver tangible value at global scale. We continuously work to develop our people to be future ready.
We are Nestlé, the largest food and beverage company in the world, with a presence in more than 185 countries. With net sales of CHF 94.4 billion in 2022, the company has over 291,000 employees and 418 factories in 85 countries. Our values are based on respect: respect for ourselves, respect for others, respect for diversity, and respect for our future. Nestlé is dedicated to offering high-quality food and beverage products and services that contribute to the nutrition, health, and well-being of people, pets, and the planet. Additionally, it is committed to being a leading company in sustainability and achieving net zero greenhouse gas emissions by 2050.
We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability.
How we will proceed:
#J-18808-Ljbffr