Manager Information Security (m/f/d)

Adidas is an equal opportunity employer and we are committed to fostering an inclusive workplace. We welcome applications from people of all ages, genders (incl. gender identity), ethnic and social backgrounds, nationalities, sexual orientations, religions and beliefs, and those with apparent or non-apparent disabilities*. We do not tolerate harassment or discrimination toward any of our applicants or employees.
*We actively encourage individuals with disabilities to apply and will provide reasonable accommodations throughout the recruitment process.

Purpose & Overall Relevance for the Organization:

The selection, design, justification, implementation and operation of controls and management strategies to maintain the security, confidentiality, integrity, availability, accountability, and relevant compliance of information systems with legislation, regulation, and relevant standards.

Key Responsibilities: 

Information security
•    Explains the purpose of and provides advice and guidance on the application and operation of elementary physical, procedural, and technical security controls. 
•    Performs security risk, vulnerability assessments, and business impact analysis for medium complexity information systems, including SaaS platforms and cloud services. 
•    Drives SaaS discovery, intake, and risk classification across the enterprise; coordinates identity-first security controls (SSO, MFA, conditional access, least privilege) for SaaS platforms.
•    Investigates suspected attacks and manages security incidents. 
•    Uses forensics where appropriate.

Specialist advice
•    Actively maintains knowledge in one or more identifiable specialisms. 
•    Provides detailed and specific advice regarding the application of their specialism(s) to the organization’s planning and operations. 
•    Recognizes and identifies the boundaries of their own specialist knowledge. 
•    Collaborates with other specialists, where appropriate, to ensure advice given is appropriate to the needs of the organization.

Research
•    Within given research goals, builds on and refines appropriate outline ideas for research, including evaluation, development, demonstration, and implementation. 
•    Applies standard methods to collect and analyses quantitative and qualitative data. 
•    Creates research reports to communicate research methodology and findings and conclusions. 
•    Contributes sections of material of publication quality. 

•    Uses available resources to update knowledge of any relevant field and curates a personal collection of relevant material. 
•    Participates in research communities.

Emerging technology monitoring
•    Supports monitoring of the external environment and assessment of emerging technologies to evaluate the potential impacts, threats, and opportunities to the organization. 
•    Contributes to the creation of reports, technology road mapping and the sharing of knowledge and insights.

Security administration
•    Investigates minor security breaches in accordance with established procedures. 
•    Assists users in defining their access rights and privileges. 
•    Performs non-standard security administration tasks and resolves security administration issues.
•    Operates and expands SaaS Security Posture Management (SSPM) tooling, tracks findings, and drives remediation with SaaS owners.

Digital forensic
•    Contributes to digital forensic investigations. 
•    Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports.

Penetration testing
•    Maintains current knowledge of malware attacks, SaaS-specific threats, OAuth security risks, API token management, and other cyber security threats. 
•    Creates test cases using in-depth technical analysis of risks and typical vulnerabilities. 
•    Produces test scripts, materials, and test packs to test new and existing software or services. 
•    Specifies requirements for environment, data, resources, and tools. 
•    Interprets, executes, and documents complex test scripts using agreed methods and standards.
•    Records and analyses actions and results. 
•    Reviews test results and modifies tests if necessary. 
•    Provides reports on progress, anomalies, risks, and issues associated with the overall project. 
•    Reports on system quality and collects metrics on test cases. 
•    Provides specialist advice to support others.
•    Develops security standards, baselines, and guidance for SaaS adoption and configuration.

If required: People Management / Resource Management: 

•    May be involved and gives some input on hiring Transition decisions 
•    Ensures appropriate leadership skills are present at every level through creating a motivational and supportive work environment in which employees are coached, trained, and provided with career opportunities through development 


•    Allocates the different work to the respective employees considering experience, complexity, workload, and organizational efficiency
•    Continuously monitors and evaluates team workload and organizational efficiency with the support of IT systems, data and analysis and team feedback and makes appropriate changes to meet business needs.
•    Provides team members/direct reports with clear direction and targets that are aligned with business needs and GIT objectives 

Key Relationships: 

•    Global IT
•    Respective business function (GOPS, Finance, HR, Brand Marketing, Wholesale/Retail)
•    HR Management
•    Controlling
•    SOC/APR, Identity & Access Management, Data Security, Security Architecture

Requisite Education and Experience / Minimum Qualifications: 

•    Four-year college or university degree with focus on Business Administration or IT or related areas, or equivalent combination of education and experience 
•    Proficient spoken and written command of English 
•    At least 3–5 years experience in information security with exposure to identity, data security, cloud/SaaS, and detection & response
•    2 years of experience in relevant area
•    1 year of experience in team management
•    Understanding of different culture
•    Participated in projects with people from other functions/markets
•    Familiarity with SSPM tooling, DLP, data classification, TPRM/vendor risk processes, and SIEM platforms preferred
•    Relevant certifications (e.g., CISSP, CCSP, CCSK) are a plus


At adidas, we strongly believe that embedding diversity, equity, and inclusion (DEI) into our culture and talent processes gives our employees a sense of belonging and our brand a real competitive advantage.

– Culture Starts With People, It Starts With You –

By recruiting talent and developing our people to reflect the rich diversity of our consumers and communities, we foster a culture of inclusion that engages our employees and authentically connects our brand with our consumers.

Job Title:  Manager Information Security (m/f/d)

Brand: 
Location:  Herzogenaurach
TEAM:  Technology
State:  BY
Country/Region:  DE
Contract Type:  Full time
Number:  546162
Date:  Jun 23, 2026