Information Security Management System & Compliance Manager (12-months contract)

Nestlé
Golden Horseshoe
CAD 80,000 - 100,000
Job description

Nestlé is the world's largest food & beverage company. We unlock the power of food to enhance quality of life for everyone, today and for generations to come.

Position Snapshot
Business area: Nestlé Canada Inc.
Job title: Information Security Management System & Compliance Manager
Location: North York, ON, located at 25 Sheppard Ave W, North York, ON M2N 6S8; Hybrid

A little bit about us
While Nestlé is known for KitKat, Gerber, Nescafe, and Häagen-Dazs, our recipe for success comes down to one thing: our people. We strive to lead a people-focused culture that empowers employees to bring their authentic selves to work each day.

What to Expect
We are seeking a skilled and experienced Information Security Management System & Compliance Manager to join our dynamic team. The ideal candidate will be responsible for overseeing and ensuring the integrity, confidentiality, and availability of our information security management system (ISMS). This role involves developing, implementing, and maintaining security policies and compliance frameworks to ensure the protection of information assets and adherence to relevant regulations and standards.

A day in the life of an Information Security Management System & Compliance Manager:

ISMS Development and Maintenance
• Design, implement, and maintain the ISMS in alignment with ISO/IEC 27001 standards.
• Regularly review and update procedures and controls to ensure ongoing compliance with Nestlé Global Standards and local regulatory requirements.
• Conduct risk assessments to identify potential security threats and vulnerabilities and develop mitigation strategies.
• Collaborate with cross-functional teams to ensure security policies are integrated into all business processes.
• Collaborate with business stakeholders to identify required security controls, ensuring risk assessments are conducted and controls have been implemented prior to transitioning technology platforms to the unit’s environment.

Compliance and Audit Management
• Ensure the unit meets all relevant legal, regulatory, and contractual obligations related to information security and participate actively in vendor management.
• Prepare the unit for, support, and manage internal and external audits, including ISO/IEC 27001 certification and surveillance audits.
• Develop and maintain documentation required for compliance audits and certifications.
• Coordinate with external auditors and facilitate the audit process, addressing any findings or non-conformities.

Security Awareness and Training
• Support the delivery of training programs to educate employees on information security policies, procedures, and best practices.
• Promote a culture of security awareness within the functional unit.
• Support regular security awareness campaigns and workshops.

Role Requirements
• Bachelor’s degree in Information Security, Computer Science, or a related field.
• Minimum of 3 years of experience in information technology or a combination of risk management, compliance, information security, and IT jobs.
• Understanding of ISO/IEC 27001, NIST Cybersecurity Framework, and other relevant standards and regulations.
• Experience with risk assessment and management, and with process and control implementation.
• Strong communication and interpersonal skills to convey requirements effectively, foster consensus, and cultivate relationships with stakeholders across the organization.

Preferred Skills
• Relevant certifications such as CRISC or ISO/IEC 27001 Lead Implementer/Auditor are highly desirable.
• In-depth knowledge of information security principles, practices, and technologies.
• Strong analytical and problem-solving skills.
• Strong sense of curiosity, a proactive attitude, and a proven ability to take initiative.
• Ability to work independently and as part of a team.
• High attention to detail and organizational skills.
• Proven ability to manage multiple initiatives and deadlines effectively.
• Strength in prioritizing and managing your own workload to deliver quality results and meet timelines with limited guidance.

We have a friendly, supportive team with a coaching and mentoring environment. There are real opportunities for future development and progression – this really could be a move towards the exciting finance career you’ve always wanted.

What you need to know
We will be considering applicants as they apply, so please don’t delay in submitting your application.
Nestlé Canada is an equal-opportunity employer committed to diversity, equity, inclusion, and accessibility. We welcome qualified applicants to bring their diverse and unique experiences.

If you are selected to participate in the recruitment process, please inform Human Resources of any accommodations you may require. Nestlé will work with you to ensure that you are able to fully participate in the process.
