Global Cybersecurity Compliance Manager (m/f/d)
Hybrid, Garching near Munich.
We seek a highly skilled Global Cybersecurity Compliance Manager to lead and shape cybersecurity compliance programs across our multinational, NYSE‑listed organization with operations in over 40 countries. In this role, you will design and drive a unified cybersecurity compliance framework aligned with business objectives and regulatory requirements, with immediate focus on PCI DSS governance across our global retail and eCommerce operations.
Responsibilities
* Design, implement, and maintain a unified cybersecurity compliance program aligned with internal policies and external regulations.
* Lead integration across frameworks including SOX ITGC, PCI DSS, and SWIFT CSP.
* Act as subject matter expert for PCI DSS, with future expansion to other standards.
* Define governance models, policies, and compliance standards.
* Develop dashboards, KPIs, and reporting to monitor global compliance status.
* Drive accountability across business units and brands.
* Coordinate evidence collection, testing, and remediation for audits and renewals.
* Manage annual PCI DSS assessments, SAQs, and ROC processes with external QSAs.
* Support regional teams in preparation, evidence gathering, and remediation.
* Ensure consistent application of PCI DSS across all geographies.
* Identify compliance risks and gaps; propose and drive mitigation plans.
* Collaborate with IT, infrastructure, and business teams to implement controls.
* Escalate critical issues with actionable recommendations.
* Deliver targeted training and awareness sessions on PCI DSS, ISO, GDPR, etc.
* Foster a culture of accountability and compliance across the organization.
* Serve as the liaison between Group Cybersecurity, regional IT, business leaders, and external assessors.
* Coordinate with acquirers, payment providers, and regulators.
* Align with Internal Audit, Risk Management, and cross‑functional teams.
Qualifications
* 7+ years of experience in information security, IT compliance, or risk management, including 3+ years of hands‑on PCI DSS compliance in large or complex environments.
* Deep knowledge of cybersecurity compliance frameworks (especially PCI DSS) with ability to expand into ISO 27001, SOX, GDPR, and SEC.
* Strong understanding of IT security controls, payment systems, and retail/eCommerce transaction flows.
* Proven track record leading compliance programs across federated, multinational organizations.
* Experience managing external audits, QSAs, and regulatory assessments.
* Familiarity with GRC frameworks and tools.
* Preferred certifications: PCIP/ISA, CISSP, CISM, or CISA.
* Bachelor’s degree in Information Security, Computer Science, Risk Management, or related field (Master’s preferred).
* Excellent program/project management and stakeholder engagement skills.
* Fluent in English; additional languages are a plus.
* Self‑directed and innovative mindset; eagerness to own projects and drive growth.
* Excellent communication skills for clear collaboration.
Benefits
* Meaningful projects with global teams.
* Flexible working hours and option for mobile or home office.
* Active lifestyle with on‑site gym and sports opportunities.
* Financial security with company pension and profit‑sharing plan.
* Commute benefits for public transportation and job bike program.
* Discounts on Amer Sports own‑brand products.
* Boundless growth opportunities with industry leaders.
* Collaborative excellence with design, innovation, and global partners.
* World‑leading brands in sport and outdoor sector.
* Global collaboration across diverse teams.
Hiring Process
* CV Screening
* Phone Screening
* 2–3 interviews with hiring team
* Feedback & Decision
Apply exclusively via the application form. CVs sent by email will not be considered. For questions, contact talentacquisition@amersports.com.