As a person you are motivated to lead the organisation in understanding the value that the function brings and how it makes a positive contribution to the business objectives. You strive for being able to provide real business value driving the protection and compliance of country information assets. The IKEA Business and our values and how they apply to Information Security and Data Privacy is your passion. Furthermore, you enjoy solving potential business risks by mitigating non-compliance by using your expertise to identify relevant IT security and privacy controls and you have the energy to keep up-to-date with changing legislation, to interpret the applicability to the country and learning new security technologies and methods. Last but not least you share and live the IKEA culture and values.
In this role
•You have at least 4 years’ experience working directly with Data Privacy (projects/ programmes)
•You have 5 years’ experience working with IT Security, demonstrating a working knowledge of which security controls can mitigate certain risks.
•You have CIPP/x or equivalent qualification, strong knowledge in industry standards, such as ISO27001, NIST, etc. and expert knowledge of data privacy legislation and what controls are needed to secure compliance.
•You also possess knowledge in the risk management process, ability to perform risk assessments and to advise on needed IT mitigating controls.
•You have proven ability to influence stakeholders and promote the business benefits of Data Privacy and effective security controls as well as background working within the area of Information Security and preferably also Information Technology.
•You are appreciated for the strong communication skills, being able to convey the message to the wide spectrum of co-workers, ability to demonstrate a risk-based approach to decisions concerning and capability to understand how security and data privacy controls can mitigate business and information risks.
•You have 5 years leadership experience, being able to lead a change within a complex organisation and solid competence and experience in supporting solutions through the Security by Design phases (especially web/mobile solutions/applications) is in your scope.
You have knowledge in following areas:
•Expert knowledge of local Data Privacy legislation and how this impacts business operations
•Expert knowledge of IT Security controls and industry best practices in IT security
•Solid understanding of Privacy by Design and how to operationalise this concept within the local country
•Good knowledge of and in implementing Security by Design into an organisation
•Broad knowledge of potential information risks for the country organisation, its co-workers, customers and suppliers and how Information Security can mitigate these risks
•Good knowledge of IKEA business processes and governance structures
•Good knowledge of IT solutions at Ingka
•Good knowledge of and proven experience with the Risk Management Process, performing risk assessments and be able to advise and support mitigating actions of IKEAs corporate identity, core values and vision of creating a better everyday life for the many people
WHAT YOU'LL BE DOING DAY TO DAY
As an Information Security and Data Privacy Leader
•you will implement the Information Security and Data Privacy strategy in the country and drive compliance to relevant internal steering documents and regulatory requirements in Information Security and Data Privacy in the country organisation to protect the brand.
•Operationalize Privacy by Design procedures and embed a Privacy by Design culture in the country.
•Support the Information and Business Process owners to implement the necessary Information Security requirements into their process or solution.
•Secure the effective implementation of the Group Information Security and Data Privacy strategy and common Group Digital goals in your country
•Be a key business partner, securing the ‘Security and Privacy by Design’ concept and integrating the function into business processes
•Lead change in the local organisation to develop Data Privacy maturity and governance, and in creating an information risk aware culture
•Secure the use of the mandatory learning solutions throughout the organisation, collaborating with the Competence Development team to ensure effectiveness
•Have accountability for the Information Security and Data Privacy incident management process, supporting with contact with local regulators and/or individuals, decision material and escalations as required
•Be the speaking partner to the business for day to day Data Privacy issues, to enable successful navigation and compliance with our steering documents and local Data Privacy legislation
•Provide skilled knowledge of IT security to the organisation, contributing functional expertise to securely protect and safeguard all information assets
•Secure Personal Data Management activities such as Personal Data Inventory and Mapping are completed
•Manage local suppliers in the full lifecycle of activity from a Data Privacy and Information Security perspective, from selection through to contracts and continuous measurement activities
•Keep updated on current and emerging security and privacy trends, threats, tools as well as changes in legislation within the area of Data Privacy and applicability to the organisation
•Secure the process for Individual Rights requests and ensure that this is followed
In this role you will report to the Country Digital Manager.
This role is in Burlington, Ontario.
We appreciate your application as soon as possible.
TOGETHER AS A TEAM
We’re the ones who make it possible for people to have a smarter life at home and a hassle-free and rewarding shopping experience. Together we work to find new digital solutions for every business need to help make IKEA a great and efficient place to work. We like to think of ourselves as innovative and modern, and we believe that nothing would actually work without us.