Director, GRC Converse

Nike Technology brings together technology and process expertise to create value for the consumer. We deliver one-stop, integrated process and technology capabilities that enable Nike, Inc.'s businesses and brands worldwide. Our focus is on providing Lean solutions that eliminate waste, maximize consumer value, and drive profitable business growth.

As the Director, GRC Converse you will be working with the business and information technology functions in Nike and Converse to enable Nike's cyber security program, serving as a bi-directional liaison with cyber security stakeholders. You will work to weave cyber security into all IT and business projects and functions, while enabling business operations and missions. The Director, GRC Converse
will leverage knowledge of best practices to be able to support applicable regulatory, policy, standards and legal requirements, while overseeing formal risk assessments and self-assessments for various Information systems and processes. The Director, GRC Converse will coordinate penetration testing, advise on cyber security engineering, and serve as the liaison on cyber security incident response and reporting. These activities will take place directly and through reach back services and functions. You may also:
• Manage a team of CIS GRC resources
• Perform risk assessments in accordance with the company assessment methodology.
• Oversee adherence to security policies, standards, guidelines and baselines.
• Provide remediation recommendations and/or recommend alternate solutions to resolve gaps against Policy & Standards.
• Liaise with threat intelligence and vulnerability management teams to drive remediation of security of vulnerabilities.
• Ensure policies are communicated regularly to stakeholders and customers.
• Promote and monitor our corporate security awareness program.
• Identify cyber security events and incidents and follow Nike processes to report, remediate, and recover.
• Enable incident response processes by quickly identifying system and data owners as well as the specific fields and classification of Nike data involved.
• Actively participate in lessons learned and resultant process improvement from response activities.
• Develop and share an understanding of systems and processes employed at Converse.
• Identify ways to further protect Nike data through understanding Nike processes, systems, and partnerships in both current and future states.


Qualifications
• At least 3-5 years of leading cyber security or technology teams
• Bachelor's Degree and a minimum of 10 years relevant IT experience
• CISSP, CRISC, CISM, CISA or GIAC certifications beneficial
• At least 5-7 years of documenting and implementing security policies, standards, and/or controls
• At least 3-5 years of security monitoring experience and incident response activities; preferably within a professional services firm or similar environment
• Solid understanding of network security, OSI model, and information security architecture, previous work as a security engineer is a plus
• Comfortable with interfacing with other internal or external organizations regarding security policy and standards violations, security controls failure, and incident response situations
• Strong knowledge of incident response and crisis management with the ability to identify both tactical and strategic solutions using strong verbal and written communication skills
• Strong working and technical knowledge of identity and access management and data loss prevention security domains
• Understanding of network, desktop and server technologies, including experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
• IT Audit, internal Audit and/or risk advisory experience is a plus
• Comfortable working with ambiguity is a must
• Excellent analytical and problem-solving skills
• Strong business acumen to quickly learn new business processes and understand how application performance requirements support the business in achieving revenue and profit goals.
• Excellent collaboration skills - must be eager to work as part of a cohesive team and work as a partner to other teams within Nike, Inc., locally and globally
• Exceptional communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict
• Proven presentation and facilitation skills
• Must excel working in team-oriented roles that rely on ability to collaborate with others
• Experience working successfully in a highly matrixed work environment
• Passion for the Nike brand and for an innovative, Just Do It work environment

• At least 3-5 years of leading cyber security or technology teams
• Bachelor's Degree and a minimum of 10 years relevant IT experience
• CISSP, CRISC, CISM, CISA or GIAC certifications beneficial
• At least 5-7 years of documenting and implementing security policies, standards, and/or controls
• At least 3-5 years of security monitoring experience and incident response activities; preferably within a professional services firm or similar environment
• Solid understanding of network security, OSI model, and information security architecture, previous work as a security engineer is a plus
• Comfortable with interfacing with other internal or external organizations regarding security policy and standards violations, security controls failure, and incident response situations
• Strong knowledge of incident response and crisis management with the ability to identify both tactical and strategic solutions using strong verbal and written communication skills
• Strong working and technical knowledge of identity and access management and data loss prevention security domains
• Understanding of network, desktop and server technologies, including experience with network intrusion methods, network containment, segregation techniques and technologies such as Intrusion Detection Systems (IDS) and Intrusion Protection Systems (IPS)
• IT Audit, internal Audit and/or risk advisory experience is a plus
• Comfortable working with ambiguity is a must
• Excellent analytical and problem-solving skills
• Strong business acumen to quickly learn new business processes and understand how application performance requirements support the business in achieving revenue and profit goals.
• Excellent collaboration skills - must be eager to work as part of a cohesive team and work as a partner to other teams within Nike, Inc., locally and globally
• Exceptional communication skills, including the ability to gather relevant data and information, actively listen, dialogue freely, verbalize ideas effectively, negotiate tense situations successfully, and manage and resolve conflict
• Proven presentation and facilitation skills
• Must excel working in team-oriented roles that rely on ability to collaborate with others
• Experience working successfully in a highly matrixed work environment
• Passion for the Nike brand and for an innovative, Just Do It work environment


Meet Some of Nike, Inc.'s Employees

Danny M.

Senior Engineering Manager

Danny coordinates with various groups to facilitate Nike's e-commerce business, connecting athletes to products and services they'll love.

Jennifer ".

Retail District Director

JT oversees all Nike stores in Oregon, including driving her district’s business strategy and ensuring each store team gets the support they need to best serve consumers.


Back to top