Purpose & Overall Relevance for the Organization :
The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability and relevant compliance of information systems with legislation, regulation and relevant standards.
Key Responsibilities :
Provides advice and guidance on security strategies to manage identified risks and ensure adoption and adherence to standards.
Obtains and acts on vulnerability information and conducts security risk assessments, business impact analysis and accreditation on complex information systems.
Investigates major breaches of security, and recommends appropriate control improvements.
Contributes to development of information security policy, standards and guidelines.
Actively maintains recognized expert level knowledge in one or more identifiable specialisms.
Provides definitive and expert advice in their specialist area(s).
Oversees the provision of specialist advice by others, consolidates expertise from multiple sources, including third party experts, to provide coherent advice to further organizational objectives.
Supports and promotes the development and sharing of specialist knowledge within the organization.
Within given research goals, builds on and refines appropriate outline ideas for research, including evaluation, development, demonstration and implementation.
Applies standard methods to collect and analyses quantitative and qualitative data.
Creates research reports to communicate research methodology and findings and conclusions. Contributes sections of material of publication quality.
Uses available resources to update knowledge of any relevant field and curates a personal collection of relevant material.
Participates in research communities.
Emerging technology monitoring
Supports monitoring of the external environment and assessment of emerging technologies to evaluate the potential impacts, threats and opportunities to the organization.
Contributes to the creation of reports, technology road mapping and the sharing of knowledge and insights.
Maintains security administration processes and checks that all requests for support are dealt with according to agreed procedures.
Provides guidance in defining access rights and privileges.
Investigates security breaches in accordance with established procedures and recommends required actions and supports / follows up to ensure these are implemented.
Contributes to digital forensic investigations.
Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports.
Maintains current knowledge of malware attacks, and other cyber security threats.
Creates test cases using in-depth technical analysis of risks and typical vulnerabilities.
Produces test scripts, materials and test packs to test new and existing software or services.
Specifies requirements for environment, data, resources and tools.
Interprets, executes and documents complex test scripts using agreed methods and standards.
Records and analyses actions and results.
Reviews test results and modifies tests if necessary.
Provides reports on progress, anomalies, risks and issues associated with the overall project.
Reports on system quality and collects metrics on test cases.
Provides specialist advice to support others.
Implements stakeholder engagement / communications plan.
Deals with problems and issues, managing resolutions, corrective actions, lessons learned and the collection and dissemination of relevant information.
Collects and uses feedback from customers and stakeholders to help measure effectiveness of stakeholder management.
Helps develop and enhance customer and stakeholder relationships.
Key Relationships : Global IT
Respective business function (GOPS, Finance, HR, Brand Marketing, Wholesale / Retail)
Knowledge and skills :
Secure code review
Web application security assessment
DAST (Dynamic Scans)
Requisite Education and Experience / Minimum Qualifications :
Four-year college or university degree with focus on Business Administration or IT or related areas, or equivalent combination of education and experience
Proficient spoken and written command of English
At least 7-year experience in IT
5 years of experience in relevant area
2 years of experience in team management
Strong understanding & knowledge of regional and global market landscape and the respective customer
Managed critical elements and cross functional and regional projects
At adidas we have a winning culture. But to win, physical power is not enough. Just like athletes our employees need mental strength in their game.
We foster the athlete s mindset through a set of behaviors that we want to enable and develop in our people and that are at the core of our unique company culture the 3Cs : CONFIDENCE, COLLABORATION and CREATIVITY.
CONFIDENCE allows athletes to make quick decisions on the field, to reach higher. For us at adidas confidence means acknowledging that we don’t have all the answers.
But we are willing to take risks, we try new things. And if we fail, then this is part of our learning it helps us improve.
COLLABORATION . Every elite athlete relies on partners : coaches, teammates, and nutritionists. We, too, know that we are stronger together.
Winning as one team takes open and candid dialogue, inclusiveness and trust in each other’s abilities and talents.
Being the best sports company in the world takes CREATIVITY . No great athlete succeeds by copying their predecessors’ training plans and strategies.
We have to be open to new ideas, explore, gain an edge and stand out. Only then can we succeed.
adidas celebrates diversity, supports inclusiveness and encourages individual expression in our workplace. We do not tolerate the harassment or discrimination toward any of our applicants or employees.
We are an Equal Opportunity Employer.
Brand : adidas Location : Bogota TEAM : Information Technology State : DC Country / Region : CO Contract Type : Full time Number : 269053 Date : Oct 16, 2020