About the job
Global IT Hub in Barcelona
Company: Nestlé Global Business Services
We are a multicultural and diverse team of IT professionals driving the biggest IT operations landscape and digital transformation of the FMCG industry. We work with leading technologies and solutions to enable Nestle to engage with millions of consumers worldwide. We transform how we use data with machine learning, advanced analytics, and introduce automation to drive industry 4.0 opportunities in areas including supply chain and manufacturing.
In order to complete our Security & Compliance Department, we are currently looking for a IoT Senior Cyber and Digital Security Specialist.
In this position, you will be responsible for establishing and maintaining security products, platforms and solutions designed to mitigate IS/IT risks across Nestlé Group to ensure that information assets are adequately protected. You will be responsible for the identification, evaluation and reporting of information security risks in a manner that meets compliance and regulatory requirements, aligning with and supporting the risk posture of the enterprise. You will proactively work with IS/IT and business units to implement practices that meet defined policies and standards for information security. You will also continuously research and stay on top of emerging security threats, technologies and trends.
A day in the life of...
Conduct systematic security assessments of Digital Solutions (Web Sites, Mobile and Social Media Applications, Cloud Solutions and associated infrastructure, etc.) to identify security risks.
Ensure new products, platforms and solutions are implemented "Secure & Compliant by Design".
Directly contribute to growth and development of Consumer Internet of Things (IoT) solutions
Provide strategic risk guidance for IT projects and product management, including the evaluation and recommendation of technical controls.
Ensure that Consumer IoT solutions are in compliance with relevant laws, regulations and policies to minimize or eliminate risk and audit findings.
Develop the business, information and technical artifacts that constitute the enterprise information security architecture and solutions.
Serve as a security expert in DevOps, application development, helping product teams comply with enterprise and IT security policies, industry regulations and best practices.
What Will Make You Successful
University Degree in a technology-related field, or equivalent work- or education experience
8+ years of experience in a combination of risk management, information security and IS/IT jobs
Good understanding of IoT vulnerability lifecycle management including FOTA processes, open source code monitoring and firmware review cycles
Successful experience in implementing cyber security with Digital teams and products
Experience implementing MCU architectures, system firmware security requirements
Experience developing IoT solutions in the consumer space securely end-to-end
Effective communication at different level in the organization and in English
Preference to have worked in a global environment and with virtual teams
Knowledge and understanding of relevant legal and regulatory requirements, General Da-ta Protection Regulation (GDPR), Payment Card Industry/Data Security Standard (PCI) or relevant local or global laws, standards and regulations
Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Secure Software Lifecycle Professional (CCSLP) or other similar credentials, is preferred
Excellent interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences
Poise and ability to act calmly and competently in high-pressure situations
Must be a critical thinker with strong problem-solving skills
High degree of initiative,and ability to work with little supervision
We look for people who are curious, courageous, innovative, collaborative and passionate about new technologies. We want to hear from people who have the courage to challenge; believe the only way of moving forward is by doing and who look for solutions to improve the lives of our consumers.
If this is you and you want to make an impact globally, join us and there will be no limits to your career. #makeITpossible at Nestlé