Director Information Security (m/f/d)
Location field must contain 'city, state' or a zip code to perform a radius search (e. g. , Denver, CO or 46122 ). City and state must be separated by a comma followed by a space (e. g. , Houston, TX )
Purpose & Overall Relevance for the Organization:
The Director Information Security role is responsible for ensuring the completeness (fitness-for-purpose) and integrity of adidas’ information security architecture, designing, documenting, delivering and improving information security solutions and building blocks, and providing consultancy for their reuse. This includes continuous monitoring and management of requirements, including information security risks, stakeholder needs, and emerging technologies.
The primary focus of the role is to set the IAM domain strategy, roadmap 3-5 years, review existing technologies against strategy & roadmap, create solution designs/standards/patterns, acting as the subject matter expert and guiding the design to meet the overall objectives for the information security domain.
This role will require Consulting and Engineering in the development and design of corporate security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
This position reports directly to the Sr Director Information Security- Identity & Access management.
Key Responsibilities:
Information security
Develops and communicates corporate information security policy, standards and guidelines.
Contributes to the development of organisational strategies that address information control requirements.
Identifies and monitors environmental and market trends and pro-actively assesses impact on business strategies, benefits and risks.
Leads the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions such as legal, technical support. Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines.
Security Architecture
Set strategy and roadmap for Identity & Access management
Review existing IAM environment against use-cases and strategy.
Support the design, build and implementation of enterprise-class security systems for a production environment.
Align standards, frameworks and security with overall business and technology strategy.
Design / adapt security architecture elements to mitigate threats as they emerge.
Design / adapt solutions that balance business requirements with information and cyber security requirements.
Identify security design gaps in existing and proposed architectures and recommend changes or enhancements.
Contribute to enterprise level Architecture Principles Design from the information security perspective.
Collaborate with, and facilitate stakeholder groups, as part of formal or informal consultancy agreements.
Consultancy
Takes responsibility for understanding client requirements, collecting data, delivering analysis and problem resolution.
Identifies, evaluates and recommends options, implementing if required.
Collaborates with, and facilitates stakeholder groups, as part of formal or informal consultancy agreements.
Seeks to fully address client needs, enhancing the capabilities and effectiveness of client personnel, by ensuring that proposed solutions are properly understood and appropriately exploited.
Specialists advise
Actively maintains recognized expert level knowledge in one or more identifiable specialisms.
Provides definitive and expert advice in their specialist area(s).
Oversees the provision of specialist advice by others, consolidates expertise from multiple sources, including third party experts, to provide coherent advice to further organisational objectives.
Supports and promotes the development and sharing of specialist knowledge within the organisation.
Research
Builds on and refines appropriate outline ideas for the evaluation, development, demonstration and implementation of research.
Contributes to research goals and funding proposals.
Collects and analyses qualitative and quantitative data as required.
Creates research reports to communicate research methodology, findings and conclusions.
Presents papers at conferences, contribute significant sections of material of publication quality, and presents reports to clients.
Contributes to research plans and identifies appropriate opportunities for publication and dissemination of research findings.
Makes an active contribution to research communities.
Emerging trends & technology monitoring
Maintain expertise by tracking and understanding emerging security practices and standards, participating in educational opportunities, reading professional publications, maintaining personal networks, participating in professional organizations.
Monitors the external environment to gather intelligence on emerging technologies.
Assesses and documents the impacts, threats and opportunities to the organization.
Creates reports and technology roadmaps and shares knowledge and insights with others.
Security administration
Monitors the application and compliance of security administration procedures and reviews information systems for actual or potential breaches in security.
Ensures that all identified breaches in security are promptly and thoroughly investigated and that any system changes required to maintain security are implemented.
Ensures that security records are accurate and complete and that request for support are dealt with according to set standards and procedures.
Contributes to the creation and maintenance of policy, standards, procedures and documentation for security.
Relationship management
Identifies the communications and relationship needs of stakeholder groups.
Translates communications/stakeholder engagement strategies into specific activities and deliverables. Facilitates open communication and discussion between stakeholders, acting as a single point of contact by developing, maintaining and working to stakeholder engagement strategies and plans.
Provides informed feedback to assess and promote understanding.
Captures and disseminates technical and business information.
If required: People Management / Resource Management:
Supports resource planning and may have full responsibility in recruiting process.
Implement resource plans, including conducting recruitment interviews.
Facilitates selection, assessment and onboarding processes, and internal resource allocation.
Contributes to transitioning of resources, complying with relevant statutory or external regulations and codes of good practice.
Ensures appropriate leadership skills are present at every level through creating a motivational and supportive work environment in which employees are coached, trained and provided with career opportunities through development
Allocates the different work to the respective employees considering experience, complexity, workload and organizational efficiency
Continuously monitors and evaluates team workload and organizational efficiency with the support of IT systems, data and analysis and team feedback and makes appropriate changes to meet business needs.
Key Relationships:
Global IT
Respective business function (Finance, HR, Brand Marketing, GOPS, Wholesale/Retail)
HR management
Enterprise, Domain and Solution Architects
(Senior) Directors of respective IT departments
Business and IT program and project managers
(Senior) Directors of Application Engineering & Support teams (development, testing, support, integration), Legal & Compliance / Data Protection
Requisite Education and Experience / Minimum Qualifications
Four-year college or university degree with focus on Business Administration or IT or related areas, or equivalent combination of education and experience
Proficient spoken and written command of English
10+ years of progressive work experience in Identity & Access management (identity administration & Governance, Authorization, Authentication, PAM, PKI) and concepts of Zero Trust. Required technology knowledge in Sailpoint, Azure AD, Thycothic.
A track record in Identity & access management domain architecture.
CISSP-ISSAP, TOGAF Certified, SABSA Chartered Security Architect Certifications, CCSP, AWS Certified Solutions Architect certifications are a plus
Internationally Experience- ideally working abroad and mobile leadership roles for multiple years and functional/market experience in projects with a local/global perspective.
At adidas we have a winning culture. But to win, physical power is not enough. Just like athletes our employees need mental strength in their game. We foster the athlete‘s mindset through a set of behaviors that we want to enable and develop in our people and that are at the core of our unique company culture – the 3Cs: CONFIDENCE, COLLABORATION and CREATIVITY.
CONFIDENCE allows athletes to make quick decisions on the field, to reach higher. For us at adidas confidence means acknowledging that we don’t have all the answers. But we are willing to take risks, we try new things. And if we fail, then this is part of our learning – it helps us improve.
COLLABORATION. Every elite athlete relies on partners: coaches, teammates, and nutritionists. We, too, know that we are stronger together. Winning as one team takes open and candid dialogue, inclusiveness and trust in each other’s abilities and talents.
Being the best sports company in the world takes CREATIVITY. No great athlete succeeds by copying their predecessors’ training plans and strategies. We have to be open to new ideas, explore, gain an edge and stand out. Only then can we succeed.
adidas celebrates diversity, supports inclusiveness and encourages individual expression in our workplace. We do not tolerate the harassment or discrimination toward any of our applicants or employees. We are an Equal Opportunity Employer.
Job Title: Director Information Security (m/f/d)
Responder al anuncio¡Sea el primero en responder a este anuncio de trabajo!