At adidas, our love for sport drives who we are and what we do. But just as a ball is more than leather and thread, and a show more than padding and plastic, we are bigger than our products. We don't just work to create faster shoes and lighter fabrics. We strive to help athletes everywhere perform their best. We believe that it's hard work inventing the future of sport, and that's why we love it; that when you push your limits, you make it possible for others to push theirs. 
We believe that through Sport, we have the power to change lives.
 

Senior Manager Information Security Reporting

PURPOSE & OVERALL RELEVANCE FOR THE ORGANIZATION

At adidas, our believe is that “through sports we have the power to change lives”. Information Security plays a key role in keeping our platform and services secure to make this vision reality. Our technology and development processes are state of the art based on innovative technology and we are integrating security from the beginning to make it an integral part of our environment and culture. That gives us speed and quality for our consumers while making our teams empowered and autonomous.

As a Senior Manager Information Security Reporting, you will sit at the intersection of Information Security, Tech and Business. You will inform, implement and work with stakeholders to ensure metrics demonstrate the effectiveness of our security program and investments. In addition, we look to your past experiences to help shape and implement metrics that will establish measurement targets for information security organization and the business.

KEY RESPONSIBILITIES

InfoSec Reporting Framework

•             Lead the definition, implementation and continuous improvement of adidas Information Security reporting framework, enabling stakeholders to take risk-informed decisions by leveraging quantitative-based information and data-driven insights.

•             Manage the definition and operationalization of InfoSec metrics and KPIs, ranging from operational to strategic, with a clear risk-based and value-adding outcome.

•             Present and justify proposed metrics to senior management and technical teams.

•             Identify, analyze and interpret trends or patterns in metrics and communicate analysis and findings in a clear, concise manner to stakeholders.

•             Develop guiding principles on security metrics, measurements, and their business impact.

•             Provide insights on how InfoSec metrics can be used to improve planning.

•             Identify gaps in our current reporting and measurement processes and define and execute actions to help close gaps.

•             Upskill and coach InfoSec stakeholders in the definition of metrics and indicators.

•             Develop a deep understanding on adidas tools / platforms which are key from a data enrichment perspective (Enterprise Architecture repository, CMDB, Identity and Access Management solution, operational tools, etc.).

InfoSec Reporting Platform

•             Support continuous enhancements and evolution of adidas InfoSec reporting platform, by working on the leading edge, with cross-functional teams, to define and implement innovative, automated and compelling data visualizations, reports, charts and dashboards.

•             Capture business requirements to set functional specifications for reporting applications and development of data models.

•             Define criteria on data cleansing to ensure source data is adequate in terms of content, structure, quality and integrity.

•             Manage extract, transform and load processes to quickly stage and shape data from data sources into reporting and analytics solutions.

•             Manage the definition and implementation of access control mechanisms.

•             Ensure relevant service documentation is properly maintained.

•             Mentor, coach and upskill the rest of the team as required.

•             Prioritize and refine product backlog to maximize business value.

Information Security Governance core functions

•             Interpret Information Security policies and standards, apply them to consistently manage risks and contribute to its development as required.

•             Explain purpose of Information Security control framework and provide guidance on the definition, implementation and operation of information security controls, translating technical concepts into language for broad technical and non-technical audiences.

•             Reviews current and proposed information systems & processes for compliance with the organization’s obligations and adherence to overall strategy.

Relationship Management

•             Build strong relationships with key stakeholders, include them into decision making and ensure their requirements are captured in the product backlog.

KEY RELATIONSHIPS

•             InfoSec

•             Tech

•             Product Owners (Business / Tech)

•             Business functions (Operations, Finance, HR, Brands, Sales)

WHAT WE ARE LOOKING FOR

•             Four-year college or university degree with focus on Business Administration or IT or related areas, or equivalent combination of education and experience.

•             7+ years of experience in IT, at least 2 years of experience in Information Security.

•             Hands-on experience in data analytics and business intelligence platforms: Power BI (preferred), Tableau, Qlik, Looker, MicroStrategy, etc.

•             Hands-on experience in the following automation / data processing services: Power Automate, Azure Data Factory, Databricks, Azure SQL, Azure Blob Storage.

•             Excellent analytical and problem-solving skills.

•             Excellent written and oral communication skills, ability to communicate effectively and clearly to support / influence data-driven decision making.

•             Highly innovative mindset and permanently challenging the status quo, be curious in determining if we are measuring the right things and asking the right questions.

•             Knowledgeable in information security standards or best practices (e.g.: Center for Internet Security controls framework, ISO 27001, NIST CSF, PCI DSS, etc.).

•             Hands-on experience in InfoSec Governance, Risk and Compliance solutions / Integrated Risk Management solutions is a plus (MetricStream, Archer, ServiceNow, etc.).

•             Proficient spoken and written command of English.

•             Excellent interpersonal and leadership skills.

•             Proactive, self-motivated, with the ability to work independently with minimal supervision and as a team member in a challenging and fast-paced environment.

•             Skilled at preparing documentation for submission / presentation to senior leaders.

•             Able to drive change, create synergies and promote cooperation with strong customer focus and result orientation.

•             Strong collaboration in international and virtual teams, fostering a diversity and inclusion culture.

To be the best sports company in the world, you need the best talents within your teams.

If you are looking for growing professionally within adidas, we are happy to receive your application.

THROUGH SPORT, WE HAVE THE POWER TO CHANGE LIVES
Check out the adidas developer portal to see our latest projects, platforms and tech stacks: https://adidas.github.io