Modis are looking for an Information Risk Management Analyst to join our IT team, our chosen candidate would work at our global retail client, located in Hilversum.
In the Information Risk Management Analyst role, you'll execute with IT leadership to build, deliver and operate an information security and risk management assessment strategy that is integrated into the fabric of our client’s DNA.
You will be involved in developing a risk management program that is driven by the value and classification of information and working with the data stewards to align the support and participation in the mitigation of information risk.
Your responsibilities will not be limited to include :
Identify, document and elevate visibility to information risk, where business direction creates potential for exposure to employee, athlete and product sensitive data streams.
Develop, drive and lead a strategy around the management of information risk utilizing mechanisms to track the identification, remediation or acceptance of risk decisions.
Evaluate vendor processes at the point of engagement with NIKE and ensure sufficient validation of data sharing arrangements and agreements protect NIKE’s sensitive information.
Perform formal risk assessments on partner and vendor connections and ensure the business objectives align with the type and volume of data used in maintaining a need to know / use mindset.
Create a subscription to the information risk assessment process through pro-active partnerships and collaboration with internal business partners.
Become an advocate of NIKE Information security procedures, policies, and processes, and standards as a mechanism to enable the business effectively while managing risk appropriately.
Provide enforcement of security policies, standards and procedures by working cross functionally with Compliance and Governance functions within the Corporate Information Security organization.
Propose and implement methods to ensure information security awareness.
Support the risk analysis intake process and communicate to stakeholders.
Stay current on information security technologies, trends, standards and best practices.
What We're Looking For :
Knowledge of information security principles and practices, general procedures and guidelines.
A general understanding of technology use, trends and risks as it applies in a business context and environment.
Excellent communication skills (written and verbal) as well as comfort and experience in presentation delivery.
Proven persuasion skills.
Proven experience identifying solutions for complex problems in enterprise environments.
Proven analytical and problem solving ability.
The ability to appropriately communicate complex security risks to nontechnical staff.
Must be trustworthy in keeping sensitive data confidential.