Nestle Compliance Business Relationship Manager in Arlington, Virginia

The Compliance Business Relationship Manager BRM directs all compliance and some information security-related activities and contributes compliance and information security initiatives at a Nestle in Market level.

At the direction of the NUSA BRM, and in conjunction with Group IS/IT Security, this role oversees the implementation and adherence to relevant rules, policies, guidelines, processes, and standards. Additionally, general oversight of applicable laws and Nestl compliance requirements.

The incumbent will assist with tracking and reporting on compliance matters as well as communications and training on such matters as necessary.

Working closely with the NUSA BRM, Group ISIT Security (at a local and corporate level), this leader and subject matter expert will direct the Compliance Team and Pillar organization to ensure adherence of proper security behavior, risk management, sustainable controls, basic compliance principles and appropriate audit readiness.

The Compliance BRM will serve as the Information System Management System (ISMS) Lead or Back-Up Lead. In either role, the Compliance BRM will provide guidance to the Information System Management System (ISMS)Owner and will offer leadership and support with all training, coaching, risk assessments, Independent Reviews and External Audits.

Primary Responsibilities:

Functional Compliance Management

  • Promote and enforce the use of the adherence of global standards and guidelines.

  • Overall accountability for the management of the NUSA Information Security Management System (ISMS). ISMS is a systematic and formal approach to manage our Security & Compliance. Based on the ISO 27001 international standard, it is a holistic approach to managing Confidentiality, Integrity and Availability of information and data as well as Nestl s reputation. The governing principle behind ISMS is that the organization should design, implement and maintain a coherent set of documents, processes and controls to manage IS/IT risks to its information assets and to guarantee IS/IT compliance.

  • Oversee all NUSA IS/IT (or related) audits and review, originating from within the function or external to it; self-assessments as needed to pulse check adherence to standards and controls; monitors risk (e.g. segregation of duties, roles allocation) and to mitigating actions to avert risk and ensure compliance.

  • Lead point of contact with GLOBE central and regional Security & Compliance

  • Report security incidents and non-compliant issues to NUSA BRM and Core Team

  • Provide leadership, coaching and training in the areas of Compliance and Information Security to NUSA BRM and Core Team

  • Ensure all Compliance and Information Security related are properly represented and acted upon by NUSA BRM and Core Team

  • Work closely with Group ISIT Security and Integration Manager on reporting and improving the LGO s performance on key MSCI metrics


Basic Qualifications:


  • Bacheor s degree in Business, Finance, or other related field; may consider equivalent experience if predominantly/specifically with IS/IT Information Security & Compliance

Professional Experience:

  • 10+ years experience in ISIT Information Security and Compliance or other functional operations area where responsibilities included compliance, risk management, or audit

  • Experience with and deep understanding of governance, stakeholder management and change management within an IS/IT organization

  • Experience working with third-party service providers

  • Basic knowledge of ITIL and COBIT or other organizational and audit framework/methodology

  • Experience in project management with an understanding of formal PM methodologies, PMP certification a plus

  • CRISC Certification and knowledge of ISO 27001 preferred.

  • Proven leadership skills and ability to influence others under high stress conditions

  • Strong verbal and communication and presentation skills; ability to express complex technical concepts in business terms

  • Excellent analytical and problem solving skills as well as planning, organizing and prioritizing capabilities

  • Ability to work with individuals at all levels of the organization

  • Achievement focused and strong follow-through; acts with integrity in all matters

  • Strong decision making and judgment skills; pragmatic orientation; ability to assess facts and derive actions from them

  • Ability to work independently and under pressure to meet deadlines

  • Responsive to quick requests, short deadlines and/or competing priorities

  • Excellent computer skills (Excel, Word, PowerPoint, Outlook, SAP)

The Nestle companies are equal opportunity and affirmative action employers and are looking for diversity in candidates for employment: Minority/Female/Disabled/Protected Veteran

Category: IT, Management, Nestle Globe