Senior Manager Information Security Governance - IT Internal Controls

Portland | United States | Information Technology

At adidas, every day is a chance to flip the script. An invitation to take everything we know and re-invent it. Do it better. Never settling for good enough. Every day we get up, invent, adapt, improvise, find new ways to collaborate, and do the unexpected. We’re creators, makers and doers. Helping athletes make a difference, not just in their games, but in their lives and in their world. It’s an obsession.

We’ve been doing this for more than 65 years. With an unmatched history and tradition of creating iconic products, consumer connections and experiences, we’ve been defining sport culture since the beginning. And we’re never done. Come be a part of shaping the future together with us.

Purpose

  • Information Security Governance refers to our companies coordinated strategy for managing the broad issues of corporate governance, enterprise risk management and corporate compliance with regards to regulatory, internal and external requirements.
  • Together with your team you are responsible to govern the effectively and cost-efficiently mitigation or remediation of risks that can hinder our organization’s operations or our ability to remain competitive in the market. You also ensure our company’s conformance with regulatory and internal requirements for IT operations, - and other IT/business practices.

Key Accountabilities

IT internal Controls Governance

  • Establishment and maintenance of IT Internal controls implementation procedures and standards in collaboration with stakeholders
  • Governance, implementation and maintenance of IT internal control tools/suite
  • Cross functional collaboration for maximum automation/ integration
  • Responsible for IT internal controls global management reporting

Security Compliance Program Management

  • Proactively identify security gaps and support business/IT stakeholders on their demands
  • Contribute to the creation of a business case that outlines a recovery compliance strategy including implementation plan, resources needed, budget and life cycle management.
  • Develop a project charter and manage to successfully deliver the assigned projects, end-to-end, ideally through applying RAP methodology effectively. Manage the execution and completion of the defined project plan through effectively coordinating people and resources.
  • Monitor the project variables (cost, effort, scope, etc.) against the project plan to implement corrective or preventative actions.
  • Ensure regular status reporting is presented to project stakeholders and his manager. Be responsible and highlight any project obstacles with offering solutions for corrective actions. Follow up and drive issue resolution with project stakeholders.

Services and Governance Responsibilities

1. IT Policy & Standard Management

  • Responsible to create IT individual policy- and standard rules within IT Compliance programs, ensuring that legal, contractual, internal, rules and regulations are met. Perform quality assurance with IT stakeholder and develop the review and approval material for senior management.
  • Create awareness information and training material and provide regular update sessions with Markets and HQ. Ensure existing documents are up to date and centrally available.

2. IT Governance Framework

  • Establish a framework for the respective service (e.g. PCI, ITSCM etc.), that outlines the scope, process, roles & responsibilities, lifecycle management, training material and a communication strategy.
  • Create specific process documents including all necessary end-2-end workflows and ensure successful process implementation and lifecycle management across the organization.

3. IT Assessment Management

  • Manage assigned assessments through identifying non-compliant area’s and topics for company critical assets IT systems, applications and processes.
  • Enter the identified IT / SCM risks/topics to the global audit - and assessment database and/or Security specifics to ISMS.
  • Consult, track and follow up with issue owners to ensure they become compliant and ensure risk mitigation/remediation.

4. Service Demand Management

  • Manage the assigned task within the demand management process of Information Security Governance. This includes the alignment x-functionally within Information Security, stakeholders and requestors.

5. Contract Support (Information Security)

  • Create the third-party vendor contract annexes for Information Security for Global Procurement and IT Supplier Management.

External Financial Audit (IT)

  • Support the Global IT SPOC for the yearly external financial audit. Coordinate the field work audit plan, organize field work kick off between IT Champs & external audit, challenge the audit field work results and align content with external audit.

Risk Acceptance

  • Support the risk acceptance process activities. Evaluate the individual risk components, compensation controls and remediation activities.

If required: People Management

  • Build the appropriate structure to be able to manage the respective organization effectively, identify and develop the future talents and create realistic succession scenarios for key positions
  • Ensure appropriate leadership skills are present at every level by creating a motivational and supportive work environment in which employees are coached, trained and provided with career opportunities through development
  • Allocate the different projects/programs and work streams to the respective teams and employees considering experience, project complexity, workload and organizational efficiency

Knowledge, Capabilities and Experience  

  • Pro-active mindset, ability to think end-to-end
  • Ability to identify problems, collect data, establish facts and draw valid conclusions
  • Ability to coach, guide and manage a (project/service) team
  • Strong communication (both written and verbal) and facilitation skills (small and large groups), especially when interacting with different levels of business
  • Ability to travel, domestic or international
  • Fluent English (verbal and written)
  • Strong experience with standards work in security, such as ISO 2700x, ISO27031/BS25999; PCI DSS, COBIT, COSO, OWASP; HIPPA etc.
  • Industry recognized certification (CISA; PCI QSA / ISA; CGEIT; CRISC etc.) 
  • Ideally certified as CISSP, CISM, TISP
  • German language skills are an advantage

Qualifications

  1. Four-year college or university degree with focus on Information Security or related areas, or equivalent combination of education and experience
  2. Minimum of 6+ years of progressive work experience in the field of IT Compliance, Security and Governance
  3. If required: 1-3 years of experience managing a team

We`re looking forward to receiving your application!

Check out this video of the adidas CIO on digital transformation.

#LI-POST

adidas celebrates diversity, supports inclusiveness and encourages individual expression in our workplace. We do not tolerate the harassment or discrimination toward any of our applicants or employees. We are an Equal Opportunity Employer.

Apply here

The Facts

Jobtitle Senior Manager Information Security Governance - IT Internal Controls
Team Information Technology
Brand adidas
Location Portland
Country United States
Number 178175
Position Type Full time
Date Jun-07, 2018
Relocation no

Sounds great for you? We would love to have you here.

Apply here
Learn more about Portland

Planet Sport - Working at adidas America in Portland, Oregon USA

Portland is home for adidas. At adidas Portland our purpose is to shape the future of sport because we believe that through sport, we have the power to change lives. We also believe that Portland, Oregon represents a better tomorrow. Located in the heart of our city we share the responsibility to role-model a better, more healthy future.

Facts about Portland

Portland is looking mostly for

  • Retail (Store)
  • Accounting & Finance
  • Marketing & Communications
  • Information Technology
  • Design
  • Supply Chain Management
  • Human Resources

Brands in Portland

Fact-Sheet

  • Retirement Plan

  • Canteen

  • Company Sports

  • Company Events

  • Product Discount

  • On-Site Sports Facilities

  • Next airport to the location PDX, Portland International Airport

    10 miles
  • Local Population (2013) Source: United States Census Bureau

    609456
Similar positions

Jobs you might be interested as well?

  • 178093 - June 07 2018

    IT Business Solutions Manager - Finance

    Portland / OR / United States Information Technology

  • 177448 - June 07 2018

    IT Business Solutions Manager-Marketing & Sales

    Portland / OR / United States Information Technology

  • 177209 - May 18 2018

    Senior Manager Digital Workplace

    Portland / OR / United States Information Technology

  • 177223 - May 18 2018

    Manager Global Data Management

    Portland / OR / United States Information Technology

  • 173528 - March 21 2018

    Senior Information Security Architect

    Portland / OR / United States Information Technology

  • 169765 - January 08 2018

    Business Consultant - SAP Materials Management

    Portland / OR / United States Information Technology