Are you passionate about cybersecurity and ready to lead a high-impact team in a global, dynamic environment? Amer Sports is seeking an experienced professional to head our Governance, Risk, and Compliance (GRC) team, responsible for the group-wide cybersecurity governance framework. In this role, you’ll have the chance to shape the future of our cybersecurity strategy, work with senior leaders, and drive initiatives to protect our organization from evolving risks.

Tasks

GRC Leadership & Strategy: Lead the GRC team in building a robust cybersecurity governance framework with clear policies and procedures. Promote a proactive, risk-aware culture that aligns cybersecurity goals with business objectives to mitigate threats.
IT Security Controls Definition & Execution: Develop and implement a global IT security control plan, ensuring controls are well-defined, documented, and comply with industry and regulatory standards. Continuously monitor, review, and enhance these controls to stay ahead of emerging threats and regulatory changes
Governance & Compliance: Enforce security policies and standards to meet regulatory requirements (e.g., GDPR, CCPA, ISO 27001, PCI, SOX404). Identify and address areas of non-compliance, foster cross-departmental awareness, and maintain audit readiness.
Risk Management: Oversee the cybersecurity risk register, ensuring thorough risk identification, assessment, and documentation. Collaborate on risk treatment plans, monitor mitigation efforts, and report GRC metrics to executive leadership.
Security Architecture Oversight: Develop and uphold security architecture frameworks that align with company goals, embedding security-by-design in collaboration with IT architecture teams.
Audit Preparation and Compliance: Ensure audit readiness for external compliance checks by overseeing documentation, managing evidence gathering, and working with internal stakeholders to address audit findings.
Team Management & Development: Mentor and lead the GRC team, fostering accountability and continuous improvement. Establish clear objectives, provide feedback, and support professional growth through development opportunities.

Requirements

Experience Requirements: 10+ years in cybersecurity, ideally within a regulated industry or consultancy, with 5+ years in a GRC leadership role in a large, multinational organization.
Leadership & Team Development: Proven ability to lead high-performing teams, fostering a culture of accountability, collaboration, and continuous improvement. Skilled in setting clear goals, providing mentorship, and managing team performance.
Cybersecurity Expertise: Extensive experience in cybersecurity within regulated industries, with deep knowledge of GDPR, CCPA, ISO 27001 series, NIST, CIS Benchmarks, Critical Security Controls, and SOX404 compliance requirements.
Strategic & Analytical Mindset: Proactive and strategic approach to risk management and compliance, with strong analytical skills to assess and address risks effectively.
Effective Communicator: Excellent communication and presentation skills, with the ability to explain complex security concepts to senior leadership and influence decision-making.
Technical Knowledge: Strong understanding of M365, cloud technologies, Linux, and networking fundamentals.
Global Perspective: Ability to navigate and excel in a global, cross-functional environment, with a persuasive and solution-oriented approach to complex situations.
Proven Track Record: Demonstrated success in developing and managing cybersecurity policies, risk frameworks, and compliance programs.
Educational Background: Degree in Computer Science or a related field. Certifications such as CISSP, CISM, CISA, or CRISC are preferred.
Language Skills: Excellent proficiency in English.
Additional Qualification (Optional): Prior experience as an IT security auditor is a plus.

Benefits

Global Exposure: Collaborate with a diverse, international team spanning North America, Asia Pacific, and beyond.
Boundless Growth Opportunities: Work with global teams of industry leaders on cutting-edge projects, pushing the boundaries of innovation while contributing to responsible practices.
World-Leading Brands: Engage with top sport and outdoor brands that help people reconnect with themselves and nature.
Authentic Community: Be part of a culture that values authenticity and fosters trust within a global community.
Collective Success: Push each other to reach full potential, celebrate wins together, and enjoy a workplace that feels like a community.
Meaningful Projects: Contribute to responsible projects with dedicated teams, making a real impact and driving positive change..
Engaging Company Culture: Experience a workplace with a strong team spirit and an open, appreciative culture, where you'll feel valued and part of a supportive community.
Discounts on Quality Products: Benefit from compelling discounts on our own-brand products (including Salomon, Atomic, Peak Performance, and more)..
Passion for the Outdoors: Fuel your passion for sports and the outdoors, contributing to a sustainable future that preserves nature for generations to come.

Job recommendations