Information Security Director
- Seoul, South Korea
Become a Part of the NIKE, Inc. Team
NIKE, Inc. does more than outfit the world's best athletes. It is a place to explore potential, obliterate boundaries and push out the edges of what can be. The company looks for people who can grow, think, dream and create. Its culture thrives by embracing diversity and rewarding imagination. The brand seeks achievers, leaders and visionaries. At NIKE, Inc. it's about each person bringing skills and passion to a challenging and constantly evolving game.
NIKE is a technology company. From our flagship website and five-star mobile apps to developing products, managing big data and providing leading edge engineering and systems support, our teams at NIKE Global Technology exist to revolutionize the future at the confluence of tech and sport. We invest and develop advances in technology and employ the most creative people in the world, and then give them the support to constantly innovate, iterate and serve consumers more directly and personally. Our teams are innovative, diverse, multidisciplinary and collaborative, taking technology into the future and bringing the world with it.
We are looking for a Corporate Information Security (CIS) leader at Korea. This role will be working with the business and information technology functions in Nike Geographies to enable Nike's cyber security program, serving as a bi-directional liaison with cyber security business partners. This person will work to weave cyber security into all IT and business projects and functions, while enabling business operations and missions. You will maximize knowledge of standard methodologies to be able to support applicable regulatory, policy, standards and legal requirements, while leading all aspects of formal risk assessments and self-assessments for various Information systems and processes. You will coordinate penetration testing, give guidance on cyber security engineering and serve as the liaison on cyber security incident response and reporting is a huge part of your job. You will also oversee the ISMS certification process to ensure compliance with the Korea regulatory requirement working with legal and other required teams. These activities will take place directly and through coordination with specialist functions.
What will you work on?
If this is you, you will be guiding the team and responsible for these key tasks:
* Leading your team, as well as teams within large multi-functional projects
* Ensure country-specific regulatory requirements are communicated to stakeholders and customers
* Oversight of the performance of risk assessments in accordance with Nike's Risk assessment methodology.
* Oversight and execution of the alignment to security policies, standards, guidelines and baselines.
* Provide remediation recommendations and/or recommending alternate solutions to resolve gaps against the NISP.
* Collaborate with threat intelligence and vulnerability management teams to drive remediation of security of vulnerabilities.
* Ensure policies are communicated regularly to key partners and customers.
* Promote and track our corporate security awareness program.
* Identify cyber security events and incidents and follow Nike processes to report, remediate, and recover.
* Enable incident response processes by quickly identifying system and data owners as well as the specific fields and classification of Nike data involved.
* Actively participate in lessons learned and resultant process improvement from response activities.
* Identify ways to further protect Nike data through understanding Nike processes, systems, and partnerships in both current and future states.
* Bachelor's Degree and/or a minimum of 10 years relevant IT experience
* CISSP, CRISC, CISM, CISA or GIAC certifications (desired)
* 8-12 years' experience leading and teams; should include comprehensive experience as a business/process leader or as a leader in an IT role.
* Consistent record of being results-orientated with and achieving results-oriented goals
* Outstanding teamwork, listening, written and verbal communication skills with ability to facilitate strategy, requirements and business value conversations with all partners.
* Comfortable with working with other internal or external organizations regarding security policy and standards violations, security controls failure, and incident response situations
* Strong working and technical knowledge of identity and access management and data loss prevention security domains
* Comfortable working with ambiguity is a must
* Excellent analytical and problem solving skills
* Strong discernment to quickly learn new business processes and understand how application performance requirements support the business in achieving revenue and profit goals.
* Strong collaboration skills - must be eager to work as part of a cohesive team and work as a partner to other teams within Nike, Inc., locally and globally
* Experience working in a highly matrixed work environment and working together with others within team focused roles
* Dedication towards the Nike brand and for an innovative, Just Do It work environment
NIKE, Inc. is a growth company that looks for team members to grow with it. Nike offers a generous total rewards package, casual work environment, a diverse and inclusive culture, and an electric atmosphere for professional development. No matter the location, or the role, every Nike employee shares one galvanizing mission: To bring inspiration and innovation to every athlete* in the world.
NIKE, Inc. is committed to employing a diverse workforce. Qualified applicants will receive consideration without regard to race, color, religion, sex, national origin, age, sexual orientation, gender identity, gender expression, veteran status, or disability.
Back to top