About IT in Nestlé

We are a team of IT professionals from many countries and diverse backgrounds, each with unique missions and challenges in the biggest health, nutrition and wellness company of the world. We innovate every day through forward-looking technologies to create opportunities for Nestlé’s digital challenges with our consumers, customers and at the workplace. We collaborate with our business partners around the world to deliver standardized, integrated technology products and services to create tangible business value.

Nestlé is seeking a highly experienced Senior Vulnerability Management Specialist to join our team and help us improve our cyber resilience. In this position, you will participate on building of an advanced Global Vulnerability Management program. Consolidating data from various platforms and sources, you will assess and track potential cyber threats associated with security vulnerabilities, coordinate response and remediation efforts, as well as work on automation and simplification of the whole process.

As a member of the Cyber SOC Vulnerability Management team, you will have the opportunity to work with cross-functional multinational teams and improve our operational processes, integrate with other tools, and automate daily tasks. You will also identify threats and security gaps and collaborate with the Security Community of Practice to develop measures to protect our company's information.

The ideal candidate will have a deep understanding of vulnerability management, application and infrastructure security techniques, experience with automation, and a track record of mentoring and guiding team members. You should also be able to work independently, have excellent communication skills, and be comfortable presenting to high-level personnel.

Key responsibilities

• Work effectively with business units and technical teams to facilitate building and expanding vulnerability reduction and remediation capabilities.
• Contribute to the design and implementation of the vulnerability orchestration platform, vulnerability scanning, automation and reporting.
• Develop high-level documentation for non-technical business owners to communicate security risks and recommendations.
• Collaborate with leadership, partner teams, and service owners to drive effective teamwork, communication, and commitment across multiple disparate groups with competing priorities.
• Lead escalations and coordinate remediation of cyber security threats maintaining an in-depth knowledge of common attack vectors, common security exploits, and countermeasures.
• Mentor and guide more junior colleagues and provide training to improve skills and knowledge of other team members.
• Liaise with the Security Product Manager to identify best practices and continuously improve technical standards, processes, procedures, and guidelines to enable proper risk mitigation for each business capability.

Required Profile

• Bachelor's or Master’s Degree in Computer Science, Information Security, or another similar relevant degree.
• 4+ years of vulnerability management, threat assessment, risk management, incident response or other cyber security experience.

• In-depth understanding of automated and manual techniques to test security within systems and network protocols, web application technologies, threat based IS/IT security, latest security technologies and concepts, vulnerability management, technical security testing and maturity assessments, secure software lifecycle development (SecDevOps).
• Experience with vulnerability scanning solutions and security orchestration and/or automation platforms.
• Sound awareness of leading vendor products/applications such as operating systems, databases, webservers or network devices including product lifecycle & release schedules.

• Proficient in at least one programing language such as Groove, Java, Python or PowerShell.
• Ability to present information to a wide variety of internal stakeholders, including senior level leadership, and communicate effectively in English.
• Experience working in a global environment and with virtual teams.
• Experience in project management, team management and product roadmap definition
• Relevant technical and industry certifications are a plus.

Show us that you are an enthusiastic, curious, fast learner and team player person who is used to work with agile practices. Your ability to be flexible, self-motivated and your willingness to deliver on a deadline will set you apart among the other candidates. Please don’t hesitate and apply in English at www.nestle.com/jobs. We are excited to hear from you!

The Nestlé Group is the world’s largest food and beverage company with a presence in 189 countries around the world, has 447 factories and its 339,000 employees are committed to Nestlé’s purpose of enhancing quality of life and contributing to a healthier future. Nestlé offers a wide portfolio of products and services for people and their pets throughout their lives. Its more than 2000 brands range from global icons like Nescafé or Nespresso to local favourites. Company performance is driven by its Nutrition, Health and Wellness strategy. Nestlé is based in the Swiss town of Vevey where it was founded more than 150 years ago. Learn more about our Group and reasons to join us on www.nestle.com.