Adidas Group

Manager Information Security Governance (m/f/d)

  • Herzogenaurach (Regierungsbezirk Mittelfranken)
  • Project / Product management

Job description

Country: Germany
Job Function: Information Technology

State / Province: Germany
Position Type: Full time

City / Location: Herzogenaurach
Brand: adidas

Relocation:

Somewhere, in one of our workshops right now, the future is taking shape. We are constantly working to redefine the way clothing and footwear transform the pitch, court or course. This is what drives us: the feeling of discovery and the urge to innovate. When we create a product that makes our hearts beat faster, we know we’re onto something.

If this sounds inspiring, you might be one of us: Someone who loves to create the present, as well as shape the future. There’s a reason adidas has been at the forefront of defining sport for more than 60 years: We never stand still. Every day, we work to improve everything we create.

At adidas, interesting, amazing and inspiring aren’t just ideas. They are what we do every single day.

Purpose

The role is responsible for all efforts to reach a state of continuous compliance by partnering and engaging with our technology, business, and brand teams to adhere to policies, reduce security risks and maintain compliance. Part of overall duties is to establish, maintain and advance the information governance framework.

Key Accountabilities

Enterprise Information Security Governance

· Reviews current and proposed information systems for compliance with the organization’s obligations (including legislation, regulatory, contractual and agreed standards/policies) and adherence to overall strategy.
· Provides specialist advice to those accountable for governance to correct compliance issues.

Information Governance

· Ensures implementation of information and records management policies and standard practice.
· Ensures effective controls are in place for internal delegation, audit and control relating to information and records management.
· Assesses and manages risks around the use of information.
· Provides reports on the consolidated status of information controls to inform effective decision making.
· Recommends remediation actions as required. Ensures that information is presented effectively.

Information security

· Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural and technical security controls.
· Performs security risk and vulnerability assessments and business impact analysis for medium-complexity information systems.
· Investigates suspected attacks and manages security incidents. Uses forensics where appropriate.

Information assurance

· Interprets information assurance and security policies and applies these in order to manage risks.
· Provides advice and guidance to ensure adoption of and adherence to information assurance architectures, strategies, policies, standards and guidelines. Uses testing to support information assurance.
· Contributes to the development of policies, standards and guidelines.

Business risk management

· Investigates and reports on hazards and potential risk events within a specific function or business area.

Continuity Management

· Implements and contributes to the development of a continuity management plan.
· Coordinates the assessment of risks to the availability, integrity and confidentiality of systems that support critical business processes.
· Coordinates the planning, designing, and testing of maintenance procedures and contingency plans.

Quality Assurance

· Contributes to the collection of evidence and the conduct of formal audits or reviews of activities, processes, data, products or services. Examines records for evidence that appropriate testing and other quality control activities have taken place and determines compliance with organizational directives, standards and procedures. Identifies non-compliances, non-conformances and abnormal occurrences.

Conformance review

· Collects and collates evidence as part of a formally conducted and planned review of activities, processes, products or services.
· Examines records as part of specified testing strategies for evidence of compliance with management directives, or the identification of abnormal occurrences.

Qualifications

· Four-year college or university degree with focus on Business Administration or IT or related areas, or equivalent combination of education and experience
· Proficient spoken and written command of English
· At least 5 years of experience in IT
· 2 years of experience in relevant area
· 1 year of experience in team management
· Understanding of different cultures
· Participated in projects with people from other functions/markets
