Lead Information Security Analyst, Compliance

Posted:
9/16/2024, 12:29:16 PM

Location(s):
Beaverton, Oregon, United States ⋅ Oregon, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Become a Part of the NIKE, Inc. Team!
NIKE, Inc. does more than outfit the world's best athletes. It is a place to explore potential, obliterate boundaries and push out the edges of what can be. The company looks for people who can grow, think, dream and create. Its culture thrives by embracing diversity and rewarding imagination. The brand seeks achievers, leaders and visionaries. At Nike, it’s about each person bringing skills and passion to a challenging and constantly evolving game.
WHO ARE WE LOOKING FOR
We are looking for a Lead Compliance Analyst who can leverage knowledge of industry best practices, people and problem-solving skills to ensure regulatory (e.g., SOX, Sarbanes Oxley) and non-regulatory (e.g., Company Policy and standards) compliance functions are properly executed. Our ideal candidate is passionate about control practices and compliance, with a strong working knowledge of industry best practice frameworks, such as ISO, NIST and CoBIT and controls testing/validation and design methodologies.
WHAT WILL YOU WORK ON
Responsibilities will include, but not be limited to:
  • Leading new controlling design projects/programs in meeting our SOX requirements. Focus will be on leading interface and future AI requirements.
  • Consult on control design and control operations related in support of compliance requirements.
  • Understand the relationship between information security policies, standards, procedures, and controls as they pertain to the delivery and maintenance of quality systems so that you can effectively advocate information security rationale to business stakeholders.
WHO WILL YOU WORK WITH
You will report to the Director of Information Security Compliance. You will regularly meet with business and technology teams and their leaders across Nike, Inc. to ensure controls are designed and effective in meeting our regulatory requirements. You will work cross-functionally within the Corporate Information Security, Risk and Compliance (CISRC) teams and across Nike, Inc. for information security compliance operations.
WHAT YOU BRING
  • This opportunity requires skills and experience related to controls design & testing to ensure compliance with regulatory requirements for SOX. This role requires experience in the enterprise's compliance space with a focus on Cloud controls design, tooling (e.g. IAM solutions) and working with Nike Technology architecture on design requirements. You must be comfortable working in an ambiguous, yet fast-paced, environment.
  • 7 + years of IT Audit, internal Audit, and/or IT compliance history
  • Leading scoping of ITGC’s, Auto Controls and Interface controls
  • Knowledge of information security principles, frameworks, and best practices (e.g., PCI DSS, COBIT, COSO, NIST and ISO 27000).
  • Excellent collaboration skills – must be eager to work as part of a cohesive team and work as a partner to others within Nike, Inc. both at WHQ and globally.
  • Proven experience identifying solutions for complex problems in enterprise environments.
  • Excellent analytical and problem-solving skills.
  • Current on information security technologies, trends, standards, and best practices.
  • Bachelor's degree in Business Information Management, Information Security, Computer Science, Finance, or Accounting or equivalent combination of education, experience or training.
  • CISA, CRISC, CISSP, or CISM certifications are beneficial.
  • Strong business acumen to quickly learn new business processes and understand how the SOX ITGC’s support the business in achieving annual compliance.
  • 6-8 years of compliance preferred
  • SOC 1 evaluation and controls mapping
  • Lead large control design projects