Job Title

Position Snapshot Business area: Nestl Canada Inc. Job title: Information Security Management System & Compliance Manager Location: North York, ON located at 25 Sheppard Ave W, North York, ON M2N 6S8 Compensation Range: $85,000 $102,500 CAD Hybrid About Us At Nestl Canada, we are committed to transparency and fairness in our compensation and job posting practices. This position offers a competitive salary within the range specified above, in compliance with Ontario''s pay transparency regulations. While Nestl is known for KitKat, Gerber, Nescaf, and HagenDazs, our recipe for success comes down to one thing: our people. We strive to lead a peoplefocused culture that empowers employees to bring their authentic selves to work each day. There are 3,000+ members of Nestl Canada celebrated for taking action using agility, courage, and trust to find solutions that benefit the business or greater good. Were a team of changemakers, who are curious and challenge the status quo, that take risks that will help drive us forward. Our focus is not only on nourishing our customers, but also about enriching you. We know that empowerment leads to strong employee engagement, a great work culture, and motivated employees. What To Expect We are seeking a skilled and experienced ISMS Security & Compliance Manager to join our dynamic team. The ideal candidate will be responsible for overseeing and ensuring the integrity, confidentiality, and availability of our information security management system (ISMS) dedicated to our Distribution Centre and Production Locations. This role involves developing, implementing, and maintaining security policies and compliance frameworks to ensure the protection of information assets and adherence to relevant regulations and standards. The ISMS manager will work closely with various stakeholders to promote a culture of security and compliance throughout the business unit, distribution centre and production locations. A Day in the Life of an ISMS Security & Compliance Manager Governance, Risk & Compliance Develop, maintain, and enforce information security policies, standards, and procedures aligned with regulatory and industry frameworks (e.g., ISO 27001, NIST, SOC 2, PCI DSS, GDPR). Regularly review and update procedures, and controls to ensure ongoing compliance with Nestl Global Standards, and local regulatory requirements. Conduct risk assessments to identify potential security threats and vulnerabilities and develop mitigation strategies. Collaborate with crossfunctional teams, distribution centre, and production locations to ensure security policies are integrated into all business processes. Collaborate with business stakeholders to identify required security controls and ensure risk assessments are conducted and controls have been implemented prior to transitioning technology platforms to the units environment. Oversee vendor and thirdparty risk management, including due diligence, ongoing assessments, and contract security requirements. Ensure business continuity and disaster recovery frameworks are documented, tested, and improved for DC and Production locations. Compliance and Audit Management Ensure the unit meets all relevant legal, regulatory, and contractual obligations related to information security and participate actively in vendor management. Guide the distribution centre and production locations for, support, and manage internal and external audits, including ISO/IEC 27001 certification and surveillance audits. Develop and maintain documentation required for compliance audits and certifications. Coordinate with internal and external auditors and facilitate the audit process, addressing any findings or nonconformities. Maintain compliance KPIs and KRIs based on company risk appetite and Global requirements. Security Awareness and Training Support the delivery of training programs to educate employees on information security policies, procedures, and best practices. Promote a culture of security awareness within the distribution centre and production locations. Support regular security awareness campaigns and workshops. Provide regular reporting to senior leadership on risk posture, compliance status, and key metrics. Incident Response and Recovery Develop and maintain the location risk register. Collaborate with Global, Regional and Local teams on incident response governance and postincident reviews. Manage security incident response locally, including investigation, containment, and remediation. Role Requirements Bachelor''s degree in Information Systems, Cybersecurity, Computer Science, or a related field (or equivalent experience). Minimum of 5+ years of experience in information technology or a combination of risk management, compliance, information security and IT jobs. Handson experience and knowledge of ISO/IEC 27001, NIST Cybersecurity Framework and other relevant standards and regulations. Experience with risk assessment and management, process and control implementation. Experience leading internal and external audits. Strong communication and interpersonal skills, to deliver effective understanding of requirements, fostering consensus, and cultivating relationships with stakeholders across the organization. Preferred Skills Relevant certifications such as ISO/IEC 27001 Lead Implementer/Auditor and/or CRISC, are highly desirable. Indepth knowledge of information security principles, practices, and technologies. Strong analytical and problemsolving skills. Strong sense of curiosity, proactive, and demonstrates a proven ability to take initiative. Ability to work independently and as part of a team. High attention to detail and organizational skills. Proven ability to manage multiple initiatives and deadlines effectively. Strength in prioritizing and managing your own workload to deliver quality results and meet timelines with limited guidance. Exposure to manufacturing and distribution centre operations is preferred for this role. We have a friendly, supportive team with a coaching and mentoring environment. There are real opportunities for future development and progression this really could be a move towards the exciting finance career youve always wanted. Benefits Comprehensive total rewards benefits package including Health and Dental benefits that start on day one of employment. Company matched pension plan. Three weeks of Vacation and five personal days (Personal Paid Holidays). Flexible and hybrid work arrangements. Excellent training and development programs as well as opportunities to grow within the company. Access to Educational Assistance & Tuition Reimbursement. Bonus eligibility. Access to the Discount Company store with Nestl, Nespresso, and Purina products (Located across various Nestl offices/sites). Additional discounts on a variety of products and services offered by our preferred vendors and partnerships. What You Need To Know We will be considering applicants as they apply, so please dont delay in submitting your application. Nestl Canada is an equalopportunity employer committed to diversity, equity, inclusion, and accessibility. We welcome qualified applicants to bring their diverse and unique experiences as a result of their education, perspectives, culture, ethnicity, race, sex, gender identity and expression, nation of origin, age, languages spoken, veterans status, colour, religion, disability, sexual orientation and beliefs. If you are selected to participate in the recruitment process, please inform Human Resources of any accommodations you may require. Nestl will work with you in an effort to ensure that you are able to fully participate in the process. #J-18808-Ljbffr