W360 Senior Risk Compliance Specialist
• Nestlé welcomes people with disabilities
• IS/IT – Workforce 360 Risk & Compliance Team, reporting to IT W360 Risk & Compliance Manager
• Permanent contract
• Full-time work, virtual working available in a global environment
• Master or Bachelor's degree in Computer Science, Sciences or Engineering, Information Systems, business administration or related field
• Minimum 6-8+ years of experience in a combination of risk management, compliance, information security and IS/IT jobs
• Experience with effective communication at different levels in the organization and in English
Position Summary
Joining Nestlé means you are joining the largest food and beverage company in the world!
In order to complete our Workforce360 Product Stream Operations Team, we are currently looking for a Sr IT Risk and Compliance Specialist.
Are you a talented Sr Risk & Compliance Specialist ready to join Nestlé Workforce 360 Product Stream Operations team in Milan, Italy?
As our Risk and Compliance Specialist, you are responsible for implementing, coaching and supporting our integrated risk, compliance and security management systems in accordance with the business risk appetite.
The role includes evaluating the unit's IT risk and compliance with internal and external policies, standards and regulations, assessing the risks associated with each product, and supporting the Product Groups in documenting and implementing corrective actions, as well as ensuring that appropriate actions, checks and reviews are in place to deliver a risk-based continuous improvement management system for compliance.
You work with IT team members all over the world to assess, identify, document, measure and address compliance requirements, including but not limited to data protection, privacy, relationships with 3rd parties, information security and procurement within Workforce 360 products scope.
A Day in the Life of an IT Senior Risk & Compliance Specialist
Work with W360 Product/Platform Group owners and related specialists to enable and foster an appropriate IT risk and compliance environment by:
• Developing and overseeing IT controls and IT risk management system (in close collaboration with Security & Compliance Stream, leveraging existing and agreed frameworks) to prevent or deal with IT control violations, using the Nestlé Security, Risk & Compliance framework and management system (ISO 27001)
• Draft, modify and implement all necessary company IS/IT policies and standards
• Conduct control checks, testing, management system reviews and deliver assessment to the IS/IT compliance and management systems
• Collaborate with Security & Compliance Stream, corporate counsels and HR departments to monitor enforcement of policies, standards and regulations
• Keep abreast of relevant regulatory developments within or outside of the company as well as evolving best practices in IT risk compliance control
• Contribute to (and where relevant own) the preparation of related reports for senior management, internal and external audits as well as external regulatory bodies as appropriate
• Supports the Product/Product Group teams in implementing by design the required IT compliance standards in their solutions to meet the desired level of compliance maturity according to the Nestlé Framework
• Coordinates audit-related tasks, such as audits requests, and ensure the readiness of IT Product Group Managers and IT Product Managers as well as Partners and their organizations for audits testing: facilitate the timely resolution of any audit findings (includes supporting product/product groups in the execution and follow-up of Partner Compliance Audits, including cloud)
• Coaches & trains Product/Product Group teams in the management of risks, controls and corrective actions through the implementation of the Nestlé Information Security Management System (ISMS)
• Tracks and reports the compliance through relevant metrics
• Oversees the development and roll out of the Risk, Compliance & Security capability framework for their Product/Product Groups, including the roll out and tracking of the awareness and behaviour training for all team members
What will make you successful
• 6-8+ years of experience in a combination of risk management, compliance, information security and IS/IT jobs
• Undergraduate degree preferable in the field of computer science, law, IS/IT Security
• Experience in developing and submitting IT audit, risk and compliance reports
• Experience with effective communication at different levels in the organization and in English
• Direct experience and knowledge of regional, national and local IT laws and regulations
• Demonstrated ability to apply IT-related knowledge & experience in solving compliance issues
• Demonstrated understanding of cloud services, data processing, hardware platforms, enterprise software applications and outsourced systems
• General knowledge of business theory, business processes, management, budgeting and business office operations and solid understanding of product management principles
• Knowledge of emerging AI regulations and key governance, risk management and other existing regulations such as GDPR, Data Act, etc.
• Ability to lead complex projects of Assessment of AI solutions; Development and implementation of Responsible AI frameworks and advanced analytics tools.
• Understanding of computer systems and integration capabilities
• Experience in working in a global environment and with virtual teams
• Holding Risk, Security and Compliance certifications is mandatory - CISA, CISM, CRISC, CSX
• Lead Implementor or Auditor ISO/IEC 27001