Cyber and Digital Security Expert – SAP Basis
Security and Compliance Department
Headquarters of Nestlé in Milan, Italy;
Security and Compliance Department;
Full-time work, virtual working available in a global environment;
Bachelor's or Master's degree in Computer Science, Information Security, or a related field (e.g., IT Audit, Enterprise Risk Management, etc.)
5+ years of experience in the relevant SAP Basis area
Experience in effective communication at different level in the organization and in English
Joining Nestlé means you are joining the largest food and beverage company in the world! We are inspired to innovate. We embrace the diverse and fast-changing digital world as source of endless challenge, inspiration, and new possibilities. You will develop and implement information security architecture and technology solutions to address the current and emerging information security threats and compliance requirements of the organization. The Security Architect translates technology and environmental conditions into system and security designs and processes to protect digital assets and data. You develop and maintain a security architecture process that enables the enterprise to develop and implement products and solutions that are secure and compliant by design and you create security strategy plans and roadmaps based on sound enterprise architecture practices.
A Day in the Life of a Cyber and Digital Security Expert - SAP Basis
Provide deep specialist guidance, support expertise and knowledge to the product or platform team;
Ensure alignment between security architecture frameworks and standards and overall business strategy;
Review security technologies, tools and services, and makes recommendations to the broader security team for their use based on security, financial and operational metrics.
Develop and maintain security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations (DevOps and non-DevOps).
Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, and counterparts within the network operations center (NOC).
Establish procedures, including escalations, for when IOCs are discovered with guidance from the CISO, or the individual responsible for overall security direction, and in conjunction with SOC colleagues.
Coordinate with operational and facility-management teams to assess the security of operational technology and Internet of Things (IoT) systems.
Conduct threat modeling of services and applications that tie to the risk and data associated with the service or application.
Serve as an information security expert and trusted advisor to partners in IS/IT and the business.
What will make you successful?
Desired Certified Information Systems Security Professional (CISSP)
Strong working knowledge of IS/IT service management
Experience in dealing with large projects in hybrid environments (on-prem, Cloud)
Direct, hands-on experience managing security infrastructure
Full-stack knowledge of IS/IT infrastructure
Understanding of architecture methodologies such as SABSA, Zachman and TOGAF
Strong working knowledge of the methodologies to conduct threat-modeling
Knowledge and understanding of the impact of emerging business and end-user technologies have on information security requirements and architecture
We are Nestlé, the largest food and beverage company. We are 328,000 people strong driven by the purpose of enhancing the quality of life and contributing to a healthier future. Our values are rooted in respect for ourselves, respect for others, respect for diversity and respect for our future. With more than 89.5 billion CHF in 2016, we have an expansive presence with 442 factories in more than 86 countries. We believe our people are our most important asset, so we’ll offer you a dynamic inclusive international working environment with many opportunities across different businesses, functions and geopraphies, working with diverse teams and cultures. Want to learn more? Visit us at .