Senior Information Security Analyst

WHO YOU’LL WORK WITHYou will be reporting to the Director of Greater China Corporate Information Security (CIS) based out of GC HQ (Shanghai, China), and will work cross-functionally within the Corporate Information Security (CIS) teams and across Nike. You will regularly meet with local and global Nike business and technology teams.WHO WE ARE LOOKING FORWe’re looking for a Senior Information Security Analyst. This role on the Governance, Risk, Compliance, & Engagement team will include leveraging knowledge of security policies, standards, controls, and industry best practices to consult with partners across all of Nike Inc. The individual will play a critical role in ensuring that GRC functions are incorporated into key security services and program while validating risk mitigation functions within NIKE Inc. are functioning correctly.Bachelor’s Degree in relevant field and minimum of 3 years relevant IT experienceCertifications such as CISA, CRISC, and CISSP preferredExperience in a variety of information technology disciplines strongly desiredExperience with local Cyber Security Regulations (PIPL, MLPS, DSL, etc.) strongly desiredFormer system administration experience, IT audit, or risk advisory experience desiredExcellent analytical and problem-solving skills and strong attention to detailDemonstrated ability to think logically and strategically about technical solutions that are efficient, scalable, and re-usableExcellent collaboration skills and a drive to work as part of a cohesive team and partner to other teams within Nike, Inc. both at WHQ and globallyDemonstrated ability to successfully navigate a highly-matrixed, ambiguous environmentExceptional communication skills, including the ability to gather relevant data and information, actively listen, verbalize ideas effectively, successfully negotiate tense situations, and manage and resolve conflictDemonstrated expertise of building a consensus across business and technology partnersPassion for the Nike brand and for an innovative, Just Do It work environmentSecurity certifications preferred but equivalent knowledge will be considered.Certified Information Security Professional (CISSP)Global Information Assurance Certification (GIAC)WHAT YOU’LL WORK ONIf this, is you, you’ll be working with the Governance team and performing these key tasks:Assess current platforms against Nike security and configuration standardsPerform risk assessments in alignment with Nike methodologies and provide timely feedback to stakeholdersManage and prioritize the risk exception queue, distributing workload to other risk analystsEvaluate and process exceptions to information security policies and standardsIdentify, document and elevate visibility of information risk, where business direction creates potential for exposure to employee, athlete and product sensitive data streams.Interface with key security architects and engineers to ensure expectations and remediation activities are aligned to best practicesAbility to quickly identify risks that require escalation to higher levels of leadershipAbility to operate independently and show measurable progress dailyStay current on information technologies, trends, standards, and best practicesAbility to obtain a deep level of technical and process knowledge across multiple security and IT domains in a short amount of timeCreate a subscription to the information risk assessment process through pro-active partnerships and collaboration with internal business partners.Become an advocate of NIKE Information security procedures, policies, and processes, and standards as a mechanism to enable the business effectively while managing risk appropriately.Provide enforcement of security policies, standards, and procedures by working cross functionally with Compliance and Governance functions within the Corporate Information Security organization.Stay current on information security technologies, trends, standards, and best practice