IT Security and Compliance Manager (Remote)

Nestlé SA
Long Island City, New York, US
Remote
Full-time

At Nespresso, we place people and specialty coffee at the heart of what we do. As part of our team, you'll be empowered to inspire, care, act, and innovate to reach your full potential and reimagine what coffee can be.

As a certified B Corporation, we're committed to driving our triple bottom line (People, Profit, and Planet) by delivering an exceptional coffee experience that elevates our community, suppliers, farmers, and each other.

Quality, sustainability, diversity, and inclusion are core to who we are and critical to our vision of driving positive change. Join us!

Position Summary:

We are currently seeking a highly skilled and motivated IT Security and Compliance Manager to join our team. In this role, you will play a crucial part in streamlining collaboration between our Business and IT departments, working closely with the IT Director and IT streams.

As the IT Security and Compliance Manager, you will serve as the principal contact between multiple Business Stakeholders and IT stakeholders throughout the entire lifecycle of our products and services.

Your primary responsibility will be to ensure Nespresso USA's compliance with Nestle Information Security policies and regulatory standards.

Additionally, you will be accountable for market-specific security and compliance metrics, projects, and initiatives.

To excel in this role, you will need to actively stay updated on industry trends, possess excellent communication skills, and have a knack for facilitating issue resolution.

You will also be expected to trigger escalation processes when necessary and have a deep understanding of the IT organization, stakeholders, and governance.

Key Responsibilities:

Relationship Management:

  • Deep understanding of functional business objectives, processes, governance, and challenges. Strong relationships with key business stakeholders.
  • Maintains the same level of relationship within IT. Proactively shares business requirements/insights with IT, secures the required IT resources, and brings the right people together to ensure value creation for both the business and IT.
  • Leads regular interactions between both organizations to inform and maintain a continuing good relationship and a shared vision.

Value Delivery:

  • Regularly attends meetings with receivers and becomes part of their extended functional team.
  • Establishes the link between specific business objectives, activities, initiatives, projects, or programs and IT to identify, forecast, and deliver integrated value across multiple products.
  • Ensures value delivery and sustainability, assisting the business in finding durable solutions for pain points in adopting the products.
  • Escalates items that are not receiving appropriate attention, including approvals and issue resolutions.
  • Works with business units to understand operational processes and ensure their conformity to IT compliance standards.

Security, Compliance & Risk Management:

  • Accountable for ensuring the delivery and maintenance of secure and compliant applications within their product, adhering to internal standards and external regulations, including privacy requirements and business continuity plans.
  • Promotes and enforces adherence to global Nestle standards/guidelines and global and local regulatory compliance requirements.
  • Identifies IT compliance control gaps and oversees the remediation process.
  • Holds overall accountability for the performance of the Nespresso Information Security Management System (ISMS).
  • Reports security incidents and non-compliant issues to the IT Director, functional teams, and market leadership.
  • Ensures that all compliance and information security matters are properly represented and acted upon by responsible parties.
  • Responsible for overseeing the market's PCI compliance, managing the Attestation of Compliance (AOC) process to ensure compliance with PCI DSS standards.
  • Supports and enables Nestle data privacy and protection standards in alignment with legal requirements.
  • Serves as a key member of a team that drives data privacy behavior, shapes the culture of ethics and integrity, designs and implements compliance programs, enforces compliance initiatives, and builds awareness for employees around ethics and compliance.
  • Manages the day-to-day operations of the data privacy program and serves as a data protection champion for the market.
  • Works with the company's legal counsel to maintain standards and controls to comply with state, national, and international data privacy regulations and laws.

Leadership:

  • Creates the context by aligning and adopting local and global security and compliance strategies, leading by example, promoting an open culture and our values in a sustainable way, and fostering innovation and an entrepreneurial mindset.
  • Provides leadership, coaching, and training in the areas of compliance and information security to Nespresso USA end users and the Nespresso USA IT team.
  • Drives cross-functional performance by empowering and enabling people, giving and receiving feedback, evaluating and differentiating performance, and constantly challenging the organizational setup to ensure results and effectiveness.
  • Recognizes achievements by giving and receiving recognition and rewarding performance.

Experience and Education Requirements:

  • Bachelor’s degree or higher required. Preferred field of study: Computer Science or any field related to IT Security and/or IT Compliance.
  • Demonstrated experience in a product-based IT organization
  • 5+ years of experience in IT required
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), or Certified Information Systems Manager (CISM) certification preferred
  • Working knowledge and strong understanding of security best practices for IT technologies, including Windows Active Directory, network routing and switching, firewalls, cloud computing, cloud-based services, and Mobile Device Management (MDM)
  • Working knowledge of APIs & integration, consumer research, and UI/UX
  • Strong understanding of basic system engineering, information risk and security guidelines, and architecture standards
  • Deep understanding of the IT landscape in the functional area
  • Proven track record of taking ownership and successfully delivering results in a fast-paced, dynamic environment
  • Understanding of various software development methodologies (e.g., agile, waterfall)
  • Understanding of modeling techniques
  • Experience with effective communication at different levels within an organization
  • Experience working in a global environment and with virtual teams
  • Excellent understanding of business complexity and interdependencies
  • Understanding of how the technologies are applied in the scope by best-in-class companies
  • Above-average organization and prioritization skills, with the ability to juggle multiple responsibilities at the same time

Remote working / work at home options are available for this role.
