W360 Senior Risk Compliance Specialist

Position Summary Joining Nestlé means you are joining the largest food and beverage company in the world We are currently looking for a Sr IT Risk and Compliance Specialist to complete our Workforce360 Product Stream Operations Team in Milan, Italy. As our Risk and Compliance Specialist, you will be responsible for implementing, coaching, and supporting our integrated risk, compliance, and security management systems in accordance with the business risk appetite. This role includes evaluating unit IT risk and compliance with internal and external policies, standards, and regulations, assessing risks associated with each product, and supporting Product Groups in documenting and implementing corrective actions. You will work with IT team members globally to assess, identify, document, measure, and address compliance requirements, including but not limited to data protection, privacy, relationships with third parties, information security, and procurement within Workforce 360 products scope. A Day in the Life of an IT Senior Risk & Compliance Specialist Work with W360 Product/Platform Group owners and related specialists to enable and foster an appropriate IT risk and compliance environment by: Developing and overseeing IT controls and IT risk management systems in close collaboration with the Security & Compliance Stream, leveraging existing frameworks. Drafting, modifying, and implementing all necessary company IS/IT policies and standards. Conducting control checks, testing, management system reviews, and delivering assessments to the IS/IT compliance and management systems. Collaborating with Security & Compliance Stream, corporate counsels, and HR departments to monitor enforcement of policies, standards, and regulations. Keeping abreast of relevant regulatory developments and evolving best practices in IT risk compliance control. Preparing related reports for senior management, internal and external audits, and external regulatory bodies. Supporting Product/Product Group teams in implementing required IT compliance standards. Coordinating audit-related tasks and ensuring readiness of IT Product Group Managers for audits testing. Coaching & training Product/Product Group teams in the management of risks, controls, and corrective actions. Tracking and reporting compliance through relevant metrics. Overseeing the development and rollout of the Risk, Compliance & Security capability framework for their Product/Product Groups. What will make you successful 6-8 years of experience in risk management, compliance, information security, and IS/IT roles. Undergraduate degree in computer science, law, IS/IT Security, or related fields. Experience in developing and submitting IT audit, risk, and compliance reports. Effective communication skills at different organizational levels in English. Knowledge of regional, national, and local IT laws and regulations. Ability to apply IT-related knowledge in solving compliance issues. Understanding of cloud services, data processing, hardware platforms, enterprise software applications, and outsourced systems. General knowledge of business theory, processes, management, budgeting, and product management principles. Knowledge of emerging AI regulations and existing regulations such as GDPR. Ability to lead complex projects of Assessment of AI solutions and development of Responsible AI frameworks. Understanding of computer systems and integration capabilities. Experience in a global environment and with virtual teams. Holding Risk, Security, and Compliance certifications is mandatory - CISA, CISM, CRISC, CSX. Lead Implementor or Auditor ISO/IEC 27001. Additional Information Nestlé welcomes people with disabilities. This position offers a permanent contract and full-time work, with virtual working available in a global environment. J-18808-Ljbffr

Location: assago, IT

Posted Date: 2/26/2025