Information Security - Conshohocken, United States - IKEA

IKEA

Verified Company

Conshohocken, United States

3 weeks ago

Posted by:

Mark Lane

beBee recruiter

Description

Why we will love you:

At least 4 years experience working directly with Data Privacy (projects/ programmes) CIPP/x or equivalent qualification
5 years experience working with IT Security, demonstrating a working knowledge of which security controls can mitigate certain risks
Strong knowledge in industry standards, such as ISO27001, NIST, etc.
Expert knowledge of data privacy legislation and what controls are needed to secure compliance
Proven ability to influence stakeholders and promote the business benefits of Data Privacy and effective security controls
Background working within the area of Information Security and preferably also Information Technology Strong communication skills, being able to convey the message to the wide spectrum of coworkers
5 years leadership experience, being able to lead a change within a complex organisation Competence Profile |Information Security and Data Privacy Leader
Capable to understand how security and data privacy controls can mitigate business and information risks Ability to demonstrate a riskbased approach to decisions concerning
Knowledge in the risk management process, ability to perform risk assessments and to advise on needed IT mitigating controls
Preferred: Knowledge of the IKEA business, processes, governance and organization structure

What you'll be doing day to day:

Secure the effective implementation of the Group Information Security and Data Privacy strategy and common group goals in your market.
Be a key business partner, securing the 'Security and Privacy by Design' concept and integrating the function into business processes.
Lead change in the local organization to develop Data Privacy maturity and governance, and in creating an information risk aware culture.
Secure the use of the mandatory learning solutions throughout the organization, collaborating with the Competence Development team to ensure effectiveness.
Have accountability for the Information Security and Data Privacy incident management process, supporting with contact with local regulators and/or individuals, decision material and escalations as required.
Be the speaking partner to the business for daytoday Data Privacy issues, to enable successful navigation and compliance with our steering documents and local Data Privacy legislation
Provide skilled knowledge of IT security to the organization, contributing functional expertise to securely protect and safeguard all information assets.
Secure Personal Data Management activities such as Personal Data Inventory and Mapping are completed.
Manage local suppliers in the full lifecycle of activity from a Data Privacy and Information Security perspective, from selection through to contracts and continuous measurement activities.
Keep updated on current and emerging security and privacy trends, threats, tools as well as changes in legislation within the area of Data Privacy and applicability to the organization.
Secure the process for Individual Rights requests and ensure that this is followed.

Together as a Team:

To implement the Information Security and Data Privacy strategy in the market.

To drive compliance to relevant internal steering documents and regulatory requirements in Information Security and Data Privacy in the country organisation in order to protect the brand.

To operationalise Privacy by Design procedures and embed a Privacy by Design culture in the market.

To support the Information and Business Process owners to implement the necessary Information Security requirements into their process or solution.

Job Type-Permanent, Salaried Benefits Eligible