Information Security Leader (This role is a determined time contract)
IKEA Services Office in Belgrade
You see things a little differently. So do we. We believe that what you value is more important than what your CV says. We offer positions that will challenge your skills and let you grow. Come see things a little differently with us.
About you:
As a person you are motivated to lead the organization in understanding the value that the function brings and how it makes a positive contribution to the business objectives. You strive for being able to provide real business value driving the protection and compliance of country information assets. The IKEA Business and our values and how they apply to the information risk management process is your passion. You are also passionate to learn new technologies and methods and to be able to apply these to a variety of different situations. Furthermore, you enjoy supporting the business to mitigate potential business risks by using your expertise to identify relevant IT security controls. Last but not least you share and live the IKEA culture and values.
About the job:
To support the implementation of the Information Security strategy in the country. To drive compliance to relevant internal steering documents and regulatory requirements on Information Security in the country organization in order to protect the brand. To support the Information and Business Process owners to implement the necessary Information Security requirements into their process or solution.
About the assignment
You will be part of the country team and you will:
- Implement the Group Information Security strategy and common Group Digital goals in your country
- Secure the ‘Security by Design’ concept and integrate the function as a key business partner
- Provide skilled knowledge of IT security to your organization, supporting with your competence to securely protect and safeguard all information assets
- Be responsible for leading the change, securing commons ways of working and creating an information risk aware culture, by educating key stakeholders and all co-workers by using relevant awareness campaigns and mandatory learning solutions (e.g. eLearning’s) to contribute to this assignment
- Have accountability for the Information Security and Data Privacy incident management process, supporting with decision material and escalations as required
- Maintain a focus on 3rd party management including supporting with pre-assessments, needed requirements in contracts and continuous measurement activities
- Keep updated on current and emerging trends, threats, tools and methodologies to maintain knowledge and applicability to the organization
- Use the Risk Management Process to support your organization to understand, identify and mitigate Information and IT Security risks, based on Business risks, Information risks and our steering documents
- Take co-ownership of the ‘Information Security’ risk category in the Risk Register, resulting in an annual Country Risk Register showing key Information risks
- Set and manage goals for the function, supporting and developing the competence of key co-workers in the organization
Your profile
You have:
- Expert knowledge of lT Security controls and industry best practices in IT security
- Broad knowledge of potential information risks for the country organization, its co-workers, customers and suppliers and how Information Security can mitigate these risks
- Experience implementing Security by Design, demonstrating a working knowledge of which security controls can mitigate certain risks (especially web/mobile solutions/applications)
- Strong knowledge in industry standards, such as ISO27001, NIST, etc.
- Background working within the area of Information Security and preferably also Information Technology
- Proven ability to support stakeholders to understand the value of and to implement and continuously measure the effectiveness of security controls
- Strong communication skills, being able to convey the message to the wide spectrum of co-workers
- Being able to lead a change within a complex organization
- Self-reliant and motivated with proven ability to work as part of a team as well as independently
- Knowledge in the risk management process, ability to perform risk assessments and to advise on needed IT mitigating controls
- Ability to work with legal, compliance and other relevant areas related to Information Management/ Information Security or IT Security
- Preferred: Knowledge of the IKEA business, processes, governance and organization structure
Ingka Group is an exciting and empowering region with great growth agenda in all countries – Croatia, Romania, Serbia, Slovenia and Ukraine. We will open 2 new stores in less then 3 years and establish IKEA retail operations in 2 new countries.
We strongly encourage and warmly welcome applications of people of all cultures, backgrounds and experiences because we believe that diversity in IKEA makes us stronger.
Join IKEA now and apply for the position online by 12.02.2020. in English.