*about it in nestlé*
we are a team of it professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition and wellness company of the world. We innovate every day through forward-looking technologies to create opportunities for nestlé's digital challenges with our consumers, customers and at the workplace. We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value.
as a sr. Specialist cyber security you'll provide technical security support and scripting expertise for global security initiatives. You'll provide support for global initiatives and deployment of security and compliance solutions such as mfa, sso, sfat. You'll be responsible for establishing and maintaining security products, platforms and solutions designed to mitigate it risks across nestlé group to ensure that information assets are adequately protected. You will also be responsible for the identification, evaluation and reporting of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. Also, provide support for scripting for automation initiatives.
*position snapshot*
*location*: nestlé méxico
*stream*: it security & compliance
*type of contract*: permanent
*key responsibilities*:
- ensures new products, platforms and solutions are implemented "secure & compliant by design"
- works directly with it product managers, brms and it customers to facilitate business it risk assessment and risk management processes, and works with stakeholders through the enterprise on identifying acceptable levels of residual risk
- facilitates a reporting framework in collaboration with the office of the cio to measure the efficiency and effectiveness of the program, promoting appropriate resource allocation, and increase the maturity of the security
- defines and facilitates the information security risk assessment process, including the reporting and oversight of treatment efforts to address findings
- provides strategic risk guidance for it projects and product management, including the evaluation and recommendation of technical controls
- liaises with the enterprise architecture team to ensure alignment between the security and enterprise architectures, thus coordinating the strategic planning implicit in these architectures
- ensures that security programs are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings
- works closely with enterprise architects ensure adequate security solutions are in place throughout all it products and platforms to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements
- develop the business, information and technical artifacts that constitute the enterprise information security architecture and solutions
*required profile*:
- degree in business administration or a technology-related field, or equivalent work
- or education-related experience
- 5+ years of experience in a combination of risk management, information security and it jobs
- experience in implementing cyber security
- experience in effective communication at different level in the organization and in english
- preference to have worked in a global environment and with virtual teams
- proven track record and experience developing information security policies and procedures and successfully executing programs that meet objectives of excellence in a dynamic environment