ISIT Risk and Compliance Specialist

5 hours ago


Montreal administrative region, Canada Nestlé SA Full time

Overview

Job title: ISIT Risk and Compliance Specialist
Compensation Range: $71,000 – $82,500 CAD
Hybrid

At Nestle Canada, we are committed to transparency and fairness in our compensation and job posting practices. This position offers a competitive salary within the range specified above, in compliance with Ontario's pay transparency regulations.

A little bit about us

Nestlé Nespresso SA is the pioneer and reference for highest-quality portioned coffee. The company works with more than 120,000 farmers in 15 countries through its AAA Sustainable Quality™ Program to embed sustainability practices on farms and the surrounding landscapes. Launched in 2003 in collaboration with the NGO Rainforest Alliance, the program helps to improve the yield and quality of harvests, ensuring a sustainable supply of high-quality coffee and improving livelihoods of farmers and their communities.

In 2022, Nespresso has achieved B Corp™ certification - joining an international movement of 4,900 purpose-led businesses that meet B Corp’s high standards of social and environmental responsibility and transparency.

Headquartered in Vevey, Switzerland, Nespresso operates in 81 countries and has over 13,000 employees. In 2021, it operated a global retail network of 802 boutiques. For more information, visit the Nespresso corporate website: www.nestle-nespresso.com

Position Summary

We are looking for an IS/IT Risk and Compliance Specialist to join Nespresso Canada at our Montreal office, reporting to the IS/IT Manager. In this role, you will support and coordinate the implementation of our integrated risk, compliance, and security management framework, aligned with the business’s risk appetite. You will help identify, document, measure, and address compliance requirements across key areas such as data protection, identity and access management, privacy, third‑party/vendor oversight, information security, and procurement. The Specialist ensures that teams can effectively manage all risk, compliance, and security obligations through our management system, contributing to the delivery of secure and compliant products and platforms. This position is an existing vacancy.

A day in the life of a Risk and Compliance Specialist

Responsible for implementing, coaching and reporting on Governance, Risk, Compliance & Security through the Nestlé Compliance and Information Security management system within IS/IT:

  • Supports risk identification and controls mapping for all solutions and processes in IS/IT teams using the Nestlé Security, Risk & Compliance framework and management system
  • Responsible for conducting system and reporting reviews to assess the IS/IT security compliance index
  • Supports teams in identifying and applying Internal and External (legal, regulatory and commercial) compliance requirements
  • Coaches and supports teams in managing Risk, Compliance & Security gaps through documented corrective & preventative actions, tracked through the management system
  • Advises on and promotes the importance of IS/IT related Risk, Compliance and Security outside the IS/IT community

Responsible for implementing and sustaining the tools and process for the Nestlé Compliance & Information Security Management System:

  • Support an integrated Risk, Compliance & Security Framework (including regulatory requirements such as PCI and GDPR)
  • Collaborates with Internal Control and IS/IT teams to ensure one source of truth through integration of reporting corrective & preventative actions and audit findings

Supports the execution of IS/IT audit activities and requests:

  • Works with IS/IT teams and internal and external auditors, tracking and following up all IS/IT audits, internal review or regulatory findings as corrective & preventative actions through the management systems
  • Monitors and reports on progress and status of corrective & preventative actions in the management system to address compliance gaps.
  • Supports IS/IT teams in ensuring the required levels of documentation and evidence is available to support audit and regulatory requirements

Acts as a partner to all IS/IT units for IS/IT compliance questions and advice:

  • Drives the development & roll out of the Risk, Compliance & Security competency framework for IS/IT team including the roll out and tracking of the awareness and behaviour training
  • Performs risk assessment according to agreed Risk & Compliance framework in collaboration with IS/IT teams
  • Oversee market's PCI compliance. Collaborates to manage the Attestation of Compliance process (AoC) and SAQs
  • Coaches IS/IT teams on standards, policies, frameworks and regulatory requirements

What will make you successful?

  • 2+ years of experience in a combination of risk management, compliance, information security and IS/IT jobs
  • Bachelor degree in the field of computer science or IS/IT Security
  • Demonstrated ability to apply IS/IT-related knowledge and experience in solving compliance issues
  • Effective communication skills in both English and French, with the ability to engage at various organizational levels.
  • Experience working in a global environment with cross-functional teams
  • Independent, organized, strong collaborator, dynamic and a fast learner
  • Nice to have: certifications in industry-related compliance, risk, or security management (CRISC, CISM, CISSP)
  • Nice to have: Experience with ISMS certification, developing and submitting IS/IT audit and compliance reports, and knowledge of Archer.

Bilingualism in English and French language skills are a requirement, as this position requires collaboration with stakeholders across the Canadian market (and/or globally).

We have a friendly, supportive team with a coaching and mentoring environment. There are real opportunities for future development and progression – this really could be a move towards the exciting [functional area] career you’ve always wanted.

  • Comprehensive total rewards benefits package including Health and Dental benefits that start on day one of employment
  • Company matched pension plan
  • Three weeks of Vacation and six personal days (Personal Paid Holidays)
  • Flexible and hybrid work arrangements
  • Excellent training and development programs as well as opportunities to grow within the company
  • Access to Educational Assistance & Tuition Reimbursement
  • Free Headspace Account – guidance to create habits to support your mental health
  • Free Nespresso Coffee Machines and $100 monthly coffee credit
  • Up to 50% off – Nespresso Coffee Machine, Capsules and accessories
  • Access to the Discount Company store with Nestlé, Nespresso, and Purina products (Located across various Nestle offices/sites)
  • Additional discounts on a variety of products and services offered by our preferred vendors and partnerships

What you need to know

We will be considering applicants as they apply, so please don’t delay in submitting your application.

Nestlé Canada is an equal-opportunity employer committed to diversity, equity, inclusion, and accessibility.
We welcome qualified applicants to bring their diverse and unique experiences as a result of their education, perspectives, culture, ethnicity, race, sex, gender identity and expression, nation of origin, age, languages spoken, veteran’s status, colour, religion, disability, sexual orientation and beliefs.

If you are selected to participate in the recruitment process, please inform Human Resources of any accommodations you may require. Nestlé will work with you in an effort to ensure that you are able to fully participate in the process.


