Director Cyber Security GRC
at Amer Sports
GBM, Bayern, Germany

| Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
|---|---|---|---|---|---|---|---|
| Immediate | 16 Feb, 2025 | Not Specified | 17 Nov, 2024 | 5 year(s) or above | Good communication skills | No | No |
Description:
Hybrid Garching by Munich (Germany) or Krakow (Poland)
Are you passionate about cybersecurity and ready to lead a high-impact team in a global, dynamic environment? Amer Sports is seeking an experienced professional to head our Governance, Risk, and Compliance (GRC) team, responsible for the group-wide cybersecurity governance framework. In this role, you’ll have the chance to shape the future of our cybersecurity strategy, work with senior leaders, and drive initiatives to protect our organization from evolving risks.
Responsibilities:
- GRC Leadership & Strategy: Lead the GRC team in building a robust cybersecurity governance framework with clear policies and procedures. Promote a proactive, risk-aware culture that aligns cybersecurity goals with business objectives to mitigate threats.
- IT Security Controls Definition & Execution: Develop and implement a global IT security control plan, ensuring controls are well-defined, documented, and comply with industry and regulatory standards. Continuously monitor, review, and enhance these controls to stay ahead of emerging threats and regulatory changes.
- Governance & Compliance: Enforce security policies and standards to meet regulatory requirements (e.g., GDPR, CCPA, ISO 27001, PCI, SOX404). Identify and address areas of non-compliance, foster cross-departmental awareness, and maintain audit readiness.
- Risk Management: Oversee the cybersecurity risk register, ensuring thorough risk identification, assessment, and documentation. Collaborate on risk treatment plans, monitor mitigation efforts, and report GRC metrics to executive leadership.
- Security Architecture Oversight: Develop and uphold security architecture frameworks that align with company goals, embedding security-by-design in collaboration with IT architecture teams.
- Audit Preparation and Compliance: Ensure audit readiness for external compliance checks by overseeing documentation, managing evidence gathering, and working with internal stakeholders to address audit findings.
- Team Management & Development: Mentor and lead the GRC team, fostering accountability and continuous improvement. Establish clear objectives, provide feedback, and support professional growth through development opportunities.
REQUIREMENT SUMMARY
Min: 5.0, Max: 10.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Computer Science
Proficient
1
Garching bei München, Germany