If this is you, you'll be working with the GRC team and performing these key tasks:
Assess moderately complex platforms against Nike security and configuration standards
Evaluate and process exceptions to information security policies and standards
Participate in complex internal risk assessments, identifying information security risks through analysis of threats and vulnerabilities, and reporting on those risks to Nike business and technology owners
Perform risk assessments of critical third-party vendors and ensure the business objectives align with the type and volume of data used in maintaining a "need to know/use" mindset
Utilize your thorough understanding of ITGCs to consult with Technology units on compliance matters
Champion information security policies, standards, controls, and processes so that compliance requirements are addressed as part of "business as usual" operations
Lead Nike business units in control design and control operations in support of compliance requirements
Perform Compliance control validation testing to determine the operating effectiveness of IT controls for scoped systems
Provide analysis and insights into data supporting the effectiveness of technical and process-based cyber security controls and establish automated data pipelines that feed data visualization tools, such as Tableau
Collaborate effectively with NIKE leaders, managers, employees, and partners to provide deliberate and thoughtful engagement throughout NIKE
Help drive execution of the Information Security training programs. Ensure the workforce stays fully informed on information security through formal trainings and oversee the development and delivery of security training and awareness campaigns
Effective, positive verbal and written communication skills and experience creating and developing high-quality PowerPoint presentations
Knowledge of information security principles and practices, general procedures and guidelines
A general understanding of technology use, trends and risks as it applies in a business context and environment
Experience reviewing third party SOC reports
Experience/working knowledge with PCI DSS (Former QSA is a benefit).
Knowledge of information security principles, frameworks, and best practices (e.g., PCI DSS, COBIT, COSO, NIST and ISO 27000)
Excellent collaboration skills - must be eager to work as part of a cohesive team and work as a partner to others within Nike, Inc. both at WHQ and globally
Experience with ServiceNow, Confluence or JIRA