IT Risk & Compliance Specialist

Discover Your Impact as an IT Risk & Compliance Specialist at CCEP

Are you passionate about safeguarding organizations from cyber threats and ensuring regulatory compliance? Join our IT Risk & Compliance team and play a key role in managing Information and Cyber Security risks across one of the world’s leading FMCG companies.

In this role, you’ll help us stay ahead of evolving cyber regulations and strengthen our IT risk posture through proactive identification, assessment, and mitigation strategies. You’ll collaborate with stakeholders across all CCEP business units, countries, and departments, working closely with BPT and global Information Security teams to ensure compliance with regulatory requirements, local laws, and internal standards.

What You’ll Do

• Lead regulatory alignment by implementing IT Cyber Resilience requirements (e.g., NIS2) across all CCEP markets.
• Enhance governance and processes to strengthen our IT Risk landscape.
• Drive performance and maturity by partnering with stakeholders and control owners to continuously improve risk management processes.

Why Join Us?

• Work on high-impact projects that protect CCEP’s digital ecosystem.
• Collaborate with diverse teams across multiple countries.
• Be at the forefront of cybersecurity and regulatory trends.

Key Responsibilities

• Act as Subject Matter Expert for IT Risk and Compliance topics (e.g., NIST, NIS2, CRE).
• Provide consultancy and technical expertise on risk mitigation and control maturity activities.
• Deliver Information Security risk assessments at corporate and local levels, including facilitation, reporting, mitigation planning, and tracking.
• Perform periodic self-assessments of risk and controls, health checks, and continuous improvement.
• Manage IT control compliance attestation, providing 2nd Line of Defence oversight.
• Maintain IT framework and compliance performance through GRC dashboards.
• Train colleagues on IT Risk and Controls.
• Produce management reporting on Information Security Risk and Control KPIs.
• Collaborate with internal and external auditors, supporting evidence collection and tracking audit findings.
• Build strong networks with key stakeholders such as Enterprise Risk Management, Business Continuity & Resilience, Corporate Security, Finance Internal Controls, and Internal Audit.

What We’re Looking For

Qualifications:

• Bachelor’s degree in Computer Science, Information Systems, Business, or related field.
• 4+ years of IT experience in Information Security or similar.
• English proficiency (required).

Desirable Certifications: CISM, CISSP, CISA, CRISC or similar.

Experience:

• Strong communication skills and ability to work in a multicultural, international environment.
• Experience with internal and external audits.
• Knowledge of Information Risk Management methodologies and tools (e.g., SNOW IRM).
• Implementing security control frameworks (ISO 27001, NIST, etc.) across diverse environments.
• Proven success in delivering projects/audits within budget.
• Process design and continuous improvement mindset.
• Analytical and planning skills with an independent, goal-oriented approach.
• Ability to navigate complex organizations and solve problems creatively.
• Experience in FMCG, beverage industry, or logistics (preferred).

Technical Skills:

• Knowledge of regulatory environments (NIS2, CER, CRA).
• Familiarity with Information Security Management Systems and control frameworks.
• Ability to implement ServiceNow GRC workflows.
• Ability to create PowerBI dashboards with automated data synchronization.