Job Description:

Job Title: GRC Risk ManagerReports to: Head of GRCJob Location: Los Angeles, CA, USAJob Status: Exempt, FTBe one of the first applicants, read the complete overview of the role below, then send your application for consideration.About SHEINSHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-demand manufacturing technology to connect suppliers to our agile supply chain, reducing inventory waste and enabling us to deliver a variety of affordable products to customers around the world. From our global offices, we reach customers in more than 150 countries. Founded in 2012, SHEIN has nearly 10,000 employees operating from offices around the world, with U.S. Headquarters located in Los Angeles and Global Headquarters located in Singapore. In SHEIN, we work with outstanding, creative, and capable peers. We share an energetic and open culture for capable people to discern, work and ignite as a team.Position SummarySHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN's global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.Here, innovation isn't simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.We are seeking an experienced GRC Risk Manager to join our team in our Los Angeles-based corporate office. This GRC Risk Manager is a thought-leader residing within our security organization and is responsible for implementing and maintaining the risk management framework and program. This position will be part of a team of governance, risk, and compliance experts and will work with technology, legal partners, and business units to meet our global risk management needs.The ideal candidate should have extensive experience in developing, deploying, and maturing risk management frameworks and programs, a deep understanding of general security technologies and best practices, and knowledge of global data privacy laws and regulations. This role must collaborate effectively with development, engineering, and operations counterparts as well as internal and external partners to identify, articulate, prioritize, manage, and monitor security risks to protect SHEIN data, services, and information assets.Job ResponsibilitiesDevelop, implement, mature, and champion risk management processes and concepts.Deploy the risk management framework, processes, and tools to conduct risk assessments effectively and consistently.Conduct risk assessments of business units, critical processes and information assets.Conduct third-party risk assessments and security reviews of third-party agreements.Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements.Manage the risk register and define and report key risk metrics to management on a regular basisPrepare risk assessment reports to inform risk treatment decisions.Track and monitor remediation and risk management activities.Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the risk management strategy, framework, and program.Support integration and maturation of policy, compliance, and risk frameworks.Job RequirementsA minimum of 7 years of experience in information security risk management, including business impact analysis, risk assessment and treatment, risk metrics and trend analysis is preferredBachelor's degree or higher in the field of information security, engineering, computer science or equivalent advance technology field of study is preferredRelevant security certifications, such as CISSP, CISM, CISA, ISO 27001 Lead Auditor are highly desiredStrong knowledge of security and data privacy standards and regulations such as ISO 27k, NIST, CIS, GDPR, CCPA, PCI DSSTeam management experience, including setting and aligning team and individual goals, providing clear and timely feedback, and fostering collaboration, is preferredExperience developing and deploying risk management frameworks and programs, preferably with international experience in an e-commerce or technology related industryExperience with deploying GRC tools is desirablePractical knowledge and experience working with threat modeling frameworks such as STRIDE, MITRE ATT&CK, OCTAVE is desirableStrong analytical and problem-solving skillsStrong written and verbal communication skills, with the ability to translate complex and technical issues to all levels of personnelDetail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordinglyHigh level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturityPay$107,600.00 min - $180,200.00 max annually. Bonus & RSU offered.Benefits and CultureHealthcare (medical, dental, vision, prescription drugs)Health Savings Account with Employer FundingFlexible Spending Accounts (Healthcare and Dependent care)Company-Paid Basic Life/AD&D insuranceCompany-Paid Short-Term and Long-Term DisabilityVoluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)Employee Assistance ProgramBusiness Travel Accident Insurance401(k) savings plan with discretionary company match and access to a financial advisorVacation, Paid holidays and sick daysEmployee DiscountsPerks (HQ Location)Free weekly catered lunch at HQDog-Friendly officeFree Gym Access at HQFree Swag GiveawaysAnnual Holiday PartyInvitations to pop-ups and other company eventsComplimentary daily office snacks and beveragesFree Shuttle Service from HQ to LA Union StationSHEIN Distribution is an equal opportunity employer committed to a diverse workplace environment.