Nestlé
Security, Risk & Compliance Lead - Nespresso Digital Tech
This job is now closed
Job Description
- Req#: 252081
We are the Nestlé Nespresso SA Company and are proud to be one of the fastest growing operating units of Nestlé. Our passionate, entrepreneurial-minded team has transformed Nespresso into the reference in portioned coffee and one of the world’s most trusted brands. Our growth comes from our commitment to research and development in order to pioneer and be the reference in the portioned coffee sector to provide the very highest quality coffees that could be enjoyed in the comfort of consumers' own homes and also savored at out-of-home locations, such as restaurants, hotels, offices and luxury retail businesses. We guarantee quality by taking a careful, thoughtful approach in how we source our ingredients, produce and market our premium coffee products. With corporate headquarters in Lausanne, Switzerland, Nespresso is present in over 60 countries and counts over 12,000 employees worldwide. To learn more visit www.nespresso.com.
We are looking for a Security, Risk & Compliance Lead to be part of our Market, Sales and eBusiness Solutions Department.
Position Snapshot
• Location: Esplugues de Llobregat, Barcelona.
• Type of Contract: Permanent
• Type of work: Hybrid/Remote
• Work Language: Fluent Business English
The role
The main responsibility of the role is to assess, oversee and drive security and IT compliance for the Nespresso Digital Tech product group. They focus on PCI-DSS compliance and consumer data protection while also using the Nestlé methodology and toolset to manage risk, compliance, quality, and security to ensure a secure and compliant payment environment.
What you’ll do
The Security, Risk & Compliance Lead is responsible for ensuring the implementation and management of risk, compliance, and security within the product groups at Nespresso, in a consistent, integrated global approach. This includes:
• Ensuring that risk identification and controls mapping is carried out for all solutions and processes, using the Nestlé Risk, Compliance & Security framework.
• Supporting the product groups in identifying and meeting internal and external compliance requirements, particularly focusing on PCI-DSS and consumer data privacy, tracking them through the information management system.
• Participating in the creation and modification of technology compliance policies and frameworks and supporting the product groups in implementing the required IS/IT compliance, training product teams on standards and regulatory requirements.
• Collaborating with the Risk, Compliance & Security function to ensure that the necessary documentation and evidence are in place to meet audit and regulatory requirements.
• Coordinating audits and audit-related tasks, tracking and documenting compliance gaps, facilitating the creation and modification of compliance policies and frameworks with a particular focus on SAQ audits. Representing the product team with the auditors.
We offer you
We offer more than just a job. We put people first and inspire you to become the best version of yourself.
• Great benefits including competitive salary and a comprehensive social benefits package. We have one of the most competitive pension plans on the market, as well as flexible remuneration with tax advantages: health insurance, restaurant card, mobility plan, etc.
• Personal and professional growth through ongoing training and constant career opportunities reflecting our conviction that people are our most important asset.
• Hybrid working environment with flexible working scheme. Our state-of-the-art campus is dog friendly and equipped with a medical center, canteen and areas to co-create, network and chill!
• Recreation activities such as yoga, Zumba, etc. and a wide range of volunteering activities.
Minimum qualifications:
• 5+ years of previous experience in PCI-DSS and consumer data privacy
• 3+ years of experience in risk identification and control mapping for solutions and processes based on a Security, Risk & Compliance framework.
• Strong collaboration in a global environment with the ability to influence without authority
• Strong communication skills, with different levels of the hierarchy
Bonus Points If You bring:
• PCI-DSS ISA experience
• ISO 27001 / ISMS experience
About Nestlé
We are Nestlé, the largest food and beverage company in the world, with a presence in more than 185 countries. With net sales of CHF 94.4 billion in 2022, the company has over 291,000 employees and 418 factories in 85 countries. Our values are based on respect: respect for ourselves, respect for others, respect for diversity, and respect for our future. Nestlé is dedicated to offering high-quality food and beverage products and services that contribute to the nutrition, health, and well-being of people, pets, and the planet. Additionally, it is committed to being a leading company in sustainability and achieving net zero greenhouse gas emissions by 2050. Want to learn more? Visit us at: www.nestle.com
We encourage the diversity of applicants across gender, age, ethnicity, nationality, sexual orientation, social background, religion or belief and disability.
Step outside your comfort zone; share your ideas, way of thinking and working to make a difference to the world, every single day. You own a piece of the action – make it count.
Join Nestlé #beaforceforgood
How we will proceed:
You send us your CV → We contact relevant applicants → Interviews → Feedback → Job Offer communication to the Finalist → First working day
About the company
Nestlé SA is a Swiss multinational food and drink processing conglomerate corporation headquartered in Vevey, Vaud, Switzerland.