Senior Director-Governance, Risk, Compliance

at  NIKE

Beaverton, Oregon, USA - 00000

Start DateExpiry DateSalaryPosted OnExperienceSkillsTelecommuteSponsor Visa
Immediate24 Feb, 2022Not Specified25 Nov, 202110 year(s) or aboveComputer Science,Cissp,Iso Standards,Cisa,Presentation Skills,RiskNoNo
Required Visa Status:
CitizenGC
US CitizenStudent Visa
H1BCPT
OPTH4 Spouse of H1B
GC Green Card
Employment Type:
Full TimePart Time
PermanentIndependent - 1099
Contract – W2C2H Independent
C2H W2Contract – Corp 2 Corp
Contract to Hire – Corp 2 Corp

Description:

Become a Part of the NIKE, Inc. Team
NIKE, Inc. does more than outfit the world’s best athletes. It is a place to explore potential, obliterate boundaries and push out the edges of what can be. The company looks for people who can grow, think, dream and create. Its culture thrives by embracing diversity and rewarding imagination. The brand seeks achievers, leaders and visionaries. At NIKE, Inc. it’s about each person bringing skills and passion to a challenging and constantly evolving game.
NIKE is a technology company. From our flagship website and five-star mobile apps to developing products, managing big data and providing leading edge engineering and systems support, our teams at NIKE Global Technology exist to revolutionize the future at the confluence of tech and sport. We invest and develop advances in technology and employ the most creative people in the world, and then give them the support to constantly innovate, iterate and serve consumers more directly and personally. Our teams are innovative, diverse, multidisciplinary and collaborative, taking technology into the future and bringing the world with it.
Who are we looking for
The Senior Director of Governance, Risk and Compliance will own the global strategy and execution of the Enterprise GRC program which includes execution of the enterprise information security policy and framework development, maintenance and design of security governance risk management reporting, effective management of cybersecurity training and awareness program; oversight of appropriate regulatory and compliance requirements and partnership with the development community on the execution of secure by design implementation processes across the enterprise to assure compliance with regulatory and auditing requirements.
In addition, we are looking for someone with experience building and leading cyber security teams. Someone who is proactive, inclusive, and accountable for developing, maintaining, and carrying out the Risk Management strategic plan. This person will be delivering policy, processes, tools, technology, and human resources at a global scale to a broad section of collaborators in the organization.
What will you work on
The Senior Director GRC role encompasses but is not limited to the deployment of a cybersecurity assurance framework; information security risk management, information risk assessments, information technology compliance and regulations, security awareness training and advocacy, information management, team member engagement, and supervising the security and risk components of divestitures, mergers, acquisitions, and subsequent integration processes.

This leader is also responsible for establishing and implementing a people strategy that will:

  • Cultivate a diverse impactful team of enterprise-wide engaged leaders who will continue to evolve to address the information security needs of Nike.
  • Support ongoing development, growth and capability building of the team and leaders to ensure a strong bench and succession plans.
  • Build energy and passion at all levels of the organization in order to attract and retain top talent.
  • Enable positive relationships within Global Technology, across Nike, including business collaborators, internal audit, and external resources, like service provider partners, etc.
  • Supervise information security conditions and conduct ongoing risk analysis of trends within the Retail industry advising leadership on new risks and direction.
  • Provide leadership and mentorship to departments across the enterprise impacted by regulatory compliance, such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR), etc.
  • Provide reports to Executives regarding efficiency of InfoSec programs and make recommendations for the adoptions of new program objectives.
  • Develop a training strategy for Nike, connecting with key collaborators throughout the organization.
  • Establish, implement, and facilitate an effective enterprise-wide information and security governance program that ensures the strategic alignment and broader corporate objectives.
  • Define risk and threat requirements, approach, assessment, compliance, remediation, 3rd party and internal threat risk management.
  • Define ongoing communication plans to ensure that the customer engagement model wis successful.
  • Use the security awareness and advocacy program as a vehicle for delivering risk mitigation activity.

Who will you work with

  • Working across all lines of businesses and throughout Corporate Information Security, this role will ensure alignment and application of practices that both support business goals and meet defined policies and standards for information security.
  • Work with internal and external customers to define and implement a metrics-based reporting framework to measure the efficiency and effectiveness of the program and facilitate appropriate prioritization.
  • Using the NIST framework and ISO Standards, work with technology leaders to set annual and long-range security and compliance goals, define security strategies, operational controls and metrics which will be used to assess the cybersecurity program.
  • Work closely with the Corporate Strategy and Development team in an advisory role in mergers/acquisitions/divestitures as vital, providing appropriate advisory and controls ensuring secure transitions.

What you bring

Minimum requirements

  • Bachelor’s degree in computer science, engineering, or business administration, or related field, or equivalent combination of education and experience.
  • 5+ years’ work experience in a senior leadership role within an information security and risk management function, preferred
  • 10+ years of relevant work experience, including substantial work in information strategy, governance, risk, and compliance
  • Multiple security certifications including CISSP, CISM, CISA.
  • Familiarity with the NIST cyber framework and ISO standards.
  • Solid grasp and alignment on global privacy and data protection laws.
  • Good understanding and practical experience working with Sarbanes-Oxley (SOX), PCI-DSS, GDPR, China PIPL, etc.

Critical Skills

  • Strategic leader with experience leading change and delivering high quality results.
  • Demonstrable experience operating in a complex, federated global organization with a geographically dispersed team.
  • Successful track record of partnership across organizations to build trust and achieve shared goals.
  • Ability to take unpopular positions, when necessary, influence others to support these decisions, and maintain trust and credibility.
  • Excellent communications and presentation skills. Able to communicate sophisticated and technical issues effectively and concisely to executives.
  • Experience in facilitating Executive Leadership meetings.
  • High professional standards and expectations for self and others.
  • Professional stature and gravitas to collaborate with and influence team members with credibility and confidence.

Nike requires all applicants for this position to be vaccinated for COVID-19 as a condition of hire. As an equal opportunity employer, Nike will make accommodations to individuals who cannot be vaccinated in accordance with applicable law.
NIKE, Inc. is a growth company that looks for team members to grow with it. Nike offers a generous total rewards package, casual work environment, a diverse and inclusive culture, and an electric atmosphere for professional development. No matter the location, or the role, every Nike employee shares one galvanizing mission: To bring inspiration and innovation to every athlete* in the world.
NIKE, Inc. is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, or disability

How To Apply:

Incase you would like to apply to this job directly from the source, please click here

Responsibilities:

  • Cultivate a diverse impactful team of enterprise-wide engaged leaders who will continue to evolve to address the information security needs of Nike.
  • Support ongoing development, growth and capability building of the team and leaders to ensure a strong bench and succession plans.
  • Build energy and passion at all levels of the organization in order to attract and retain top talent.
  • Enable positive relationships within Global Technology, across Nike, including business collaborators, internal audit, and external resources, like service provider partners, etc.
  • Supervise information security conditions and conduct ongoing risk analysis of trends within the Retail industry advising leadership on new risks and direction.
  • Provide leadership and mentorship to departments across the enterprise impacted by regulatory compliance, such as Payment Card Industry (PCI), Sarbanes-Oxley (SOX), General Data Protection Regulation (GDPR), etc.
  • Provide reports to Executives regarding efficiency of InfoSec programs and make recommendations for the adoptions of new program objectives.
  • Develop a training strategy for Nike, connecting with key collaborators throughout the organization.
  • Establish, implement, and facilitate an effective enterprise-wide information and security governance program that ensures the strategic alignment and broader corporate objectives.
  • Define risk and threat requirements, approach, assessment, compliance, remediation, 3rd party and internal threat risk management.
  • Define ongoing communication plans to ensure that the customer engagement model wis successful.
  • Use the security awareness and advocacy program as a vehicle for delivering risk mitigation activity


REQUIREMENT SUMMARY

Min:10.0Max:15.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

Finance

Graduate

Computer science engineering or business administration or related field or equivalent combination of education and experience

Proficient

1

Beaverton, OR, USA