IT Security and Compliance Analyst

2

IT Security and Compliance Analyst

York - Hybrid (2-3 days per week on-site)

12 months

Main Purpose:

Provide Security & Compliance support to the NiM businesses and IT incl. relevant contribution to agreed IT support model, operational sustain incl. incident and request management, Market Security Compliance Indicator (MSCI) measure and Information Security Management (ISMS) contribution.

Key Outputs:

Sustain the IT product portfolio, across all UKI NiM (Nestle in the Market) businesses, by providing first level support, incorporating the Service Portal and subject matter experts, to agreed targets and SLO, ensuring Compliance by following relevant GLOBE Standards and Policies, incl. Nestlé IT Security Policy and Cyber Securirty Awareness
Supporting the Security & Compliance Specialists with ownership or support of relevant MSCI measures and ISMS controls
Providing support to the Market Role Coordinator for GLOBE SAP Security sustain and projects
Supporting the application compliance process and governance framework for solution onboarding. Specifically supporting facilitation of the Control Decision Tree, application controls and supporting IT application owners to supply adequate evidence whilst providing guidance on required remediation.
Sustaining the IT Software Asset Management Standard, with specific support where required (incl. supporting SAM Service Functional Owners, compliance evidence, ensuring SAM compliant process and behaviours)
Maintain knowledge in key areas of Security & Compliance to ensure cross-skilling and sufficient cover for team members
Supporting the IT and business to ensure we are 'In Control' inc. IT Standards & controls

Key Relationships External to Nestle Group:

External Auditors when requested (e.g. Ernst & Young)
External suppliers as needed (e.g. SAP, HP etc.)
Work with external customers and vendors to ensure compliance

Main Purpose of Job:

Some experience of IT Security and Compliance (incl. MSCI and ISMS)
Evidence of delivering results
Good working knowledge of IS/IT systems & processes
Experience and knowledge of Audits and Risk Assessments
Good understanding of key IS/IT Security policies
Good understanding of all IT Security & Compliance Standards (incl. RISE, Cloud, Digital etc.)
Ability to deliver training or Present to employees

Knowledge:

Core knowledge of the 10 Nestlé Corporate Business Principles and expert knowledge in our areas of responsibility.
Good understanding of the Nestlé UKI NiM business.
Basic knowledge of inter-relationship of NiM businesses, key functions and their key priorities.
Good knowledge of Nestlé Management and Leadership Principles.
Good understanding of IIRM (Interaction, Incident & Request Management Best Practice)
Effective prioritisation (Able to assess impact on a Business impacting incident and prioritise accordingly)
Good Knowledge of Nestlé IT Security & Compliance standard requirements (End User Security, RISE, Cloud & own subject matter compliance requirements)

Randstad Business Support is acting as an Employment Business in relation to this vacancy