• Expert knowledge of local Data Privacy legislation and how this impacts business operations
• Expert knowledge of IT Security controls and industry best practices in IT security
• A solid understanding of Privacy by Design and how to operationalise this concept within the local market
• Good knowledge of and in implementing Security by Design into an organisation
• Broad knowledge of potential information risks for the country organisation, its co-workers, customers and suppliers and how Information Security can mitigate these risks
• Good knowledge of IKEA business processes and governance structures
• Good knowledge of IT solutions at Ingka
• Good knowledge of and proven experience with the Risk Management Process, performing risk assessments and be able to advise and support mitigating actions
• Knowledge of IKEAs corporate identity, core values and vision of creating a better everyday life for the many people.
• To lead the organisation in understanding the value the function brings and how it makes a positive contribution to the business objectives
• Being able to provide real business value by driving compliance and protection of market information assets
• Passionate for the IKEA Business and our values and how they apply to Information Security and Data Privacy
• Enjoy solving potential business risks by mitigating non-compliance by using your expertise to identify relevant IT security and privacy controls
• Have the energy to keep up-to-date with changing legislation, to interpret the applicability to the country and learning new security technologies and methods.
• Share and live the IKEA culture and values.
• Ability to lead your organisation in implementing Information Security and Data Privacy requirements
• Be able to provide subject matter expertise to country stakeholders, ensuring they have the needed support and information available to identify and manage information and data privacy risks
• Ability to coordinate activities across a variety of stakeholders
• Ability to act with personal integrity, discretion, reliability and flexibility being a trusted business partner
• Able to communicate in an enthusiastic and engaging manner, adjusting the message and method depending on the target group.
• Ability to support with and interpret the results of technical security audits.
• Build Strong Relationships
• Collaborate & Co-create
• Create customer value
• Lead with IKEA Values
• Inspire & Clarify
• Unleash Entrepreneurs
PREVIOUS EXPERINCE AND SKILLS:
• At least 4 year’s experience working directly with Data Privacy (projects/ programmes)
• CIPP/x or equivalent qualification
• 5 years experience working with IT Security, demonstrating a working knowledge of which security controls can mitigate certain risks
• Strong knowledge in industry standards, such as ISO27001, NIST, etc.
• Expert knowledge of data privacy legislation and what controls are needed to secure compliance
• Proven ability to influence stakeholders and promote the business benefits of Data Privacy and effective security controls
• Background working within the area of Information Security and preferably also Information Technology
• Strong communication skills, being able to convey the message to the wide spectrum of co-workers
• 5 years leadership experience, being able to lead a change within a complex organisation
• Capable to understand how security and data privacy controls can mitigate business and information risks
• Ability to demonstrate a risk-based approach to decisions concerning
• Solid competence and experience in supporting solutions through the Security by Design phases (especially web/mobile solutions/applications)
• Knowledge in the risk management process, ability to perform risk assessments and to advise on needed IT mitigating controls.
• Knowledge of the IKEA business, processes, governance and organisation structure
• Secure the effective implementation of the Group Information Security and Data Privacy strategy and common group goals in your market
• Be a key business partner, securing the ‘Security and Privacy by Design’ concept and integrating the function into business processes
• Lead change in the local organisation to develop Data Privacy maturity and governance, and in creating an information risk aware culture.
Secure the use of the mandatory learning solutions throughout the organisation, collaborating with the Competence Development team to ensure effectiveness
• Have accountability for the Information Security and Data Privacy incident management process, supporting with contact with local regulators and/or individuals, decision material and escalations as required
• Be the speaking partner to the business for day to day Data Privacy issues, to enable successful navigation and compliance with our steering documents and local Data Privacy legislation
• Provide skilled knowledge of IT security to the organisation, contributing functional expertise to securely protect and safeguard all information assets
• Secure Personal Data Management activities such as Personal Data Inventory and Mapping are completed
• Manage local suppliers in the full lifecycle of activity from a Data Privacy and Information Security perspective, from selection through to contracts and continuous measurement activities
• Keep updated on current and emerging security and privacy trends, threats, tools as well as changes in legislation within the area of Data Privacy and applicability to the organization.
• Secure the process for individual rights request and ensure that is followed.
ABOUT THIS WORK AREA
To be the local business partner responsible for Country Digital Technology and working as one seamless Country Digital organisation with INGKA Group Digital. To ensure IKEA digital products and platforms are delivered with excellence to meet the needs of customers and co-workers in order to enhance the whole IKEA shopping experience.
To secure effective information technology (IT) that supports IKEA business processes by maintaining, developing and supporting reliable, robust and efficient Digital products and platforms. Country Digital contributes to the growth of IKEA and improves the customer´s life at home. Country Digital also works together with all functions to ensure co-workers have the digital tools and capabilities they need to do their best work.
Ensure digital deployments are done with excellence and in coordination with Group Digital and all other country functions.
PURPOSE OF JOB:
To implement the Information Security and Data Privacy strategy in the market. To drive compliance to relevant internal steering documents and regulatory requirements in Information Security and Data Privacy in the country organisation in order to protect the brand. To operationalise Privacy by Design procedures and embed a Privacy by Design culture in the market. To support the Information and Business Process owners to implement the necessary Information Security requirements into their process or solution