GRC Policy Manager - Los Angeles, United States - SHEIN Technology LLC

    SHEIN Technology LLC
    SHEIN Technology LLC Los Angeles, United States

    1 month ago

    Default job background
    Description

    Job Title: GRC Policy Manager

    Reports to: Head of GRC

    Job Location: Los Angeles, CA

    Job Status: Exempt, FT

    While professional experience and qualifications are key for this role, make sure to check you have the preferable soft skills before applying if required.

    About SHEIN

    SHEIN is a global online fashion and lifestyle retailer, offering SHEIN branded apparel and products from a global network of vendors, all at affordable prices. Headquartered in Singapore, with more than 15,000 employees operating from offices around the world, SHEIN is committed to making the beauty of fashion accessible to all, promoting its industry-leading, on-demand production methodology, for a smarter, future-ready industry.

    Position Summary

    SHEIN Global Security and Risk Management (GSRM) is a global security organization that oversees security infrastructure, risk management, data privacy, business fraud, governance, and regulatory compliance across SHEIN's global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.

    Here, innovation isn't simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.

    We are seeking a seasoned GRC Policy Manager to join our team in our Los Angeles-based corporate office. This GRC Risk Manager is a thought leader within our security organization, is responsible for implementing and maintaining the policy strategy, framework, lifecycle, and supporting processes. This position will be part of a team of governance, risk, and compliance experts and work with technology and legal partners and business units to meet our global policy and compliance needs.

    The ideal candidate should have a deep understanding of general security technologies and best practices, industry standard compliance frameworks, and experience in global data privacy laws and regulations. This role must be able to translate security requirements into consistent, clear, and concise security policy across security and other regulatory areas to develop and maintain comprehensive security policies, standards, and guidelines in accordance with regulatory requirements and industry best practice to protect SHEIN data, systems, and services.

    Job Responsibilities

    • Enhance and maintain a comprehensive policy framework, taking into account applicable legal and regulatory requirements, industry best practice and standards, new technologies, threat landscape, and SHEIN business needs.
    • Manage the policy roadmap and lifecycle, including policy review, revision, publication, communication, and exceptions management.
    • Establish relationships and work with relevant stakeholders across the enterprise to support the policy management lifecycle.
    • Develop supporting documentation, including policy release notes, implementation guidance, and executive summaries in support of policy communication and implementation.
    • Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the policy strategy, roadmap, and framework.
    • Manage policy documentation activities, including document version control and maintaining cross references to relevant industry standards.
    • Support integration and maturation of policy, compliance, and risk frameworks

    Job Requirements

    • Possess a bachelor's degree or higher in information security, writing, or similar field of study is preferred
    • A minimum of 5 years of practical experience in security policy development is preferred
    • Experience in developing and deploying policy management programs, preferably with international experience in an e-commerce or technology related industry
    • Relevant security certifications, such as CISSP, CISM, CISA, are desirable
    • Strong knowledge of security and data privacy standards, regulations and guidelines such as ISO 27k, NIST, CIS, GDPR, CCPA, PCI DSS
    • Strong written and verbal communication and collaboration skills, with the ability to translate complex and technical issues to all levels of personnel
    • Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly
    • High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity

    Pay

    $107,600.00 min - $180,200.00 max annually. Bonus & RSU offered.

    Benefits and Perks

    Healthcare (medical, dental, vision, prescription drugs)

    Health Savings Account with Employer Funding

    Flexible Spending Accounts (Healthcare and Dependent care)

    Company-Paid Basic Life/AD&D insurance

    Company-Paid Short-Term and Long-Term Disability

    Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)

    Employee Assistance Program

    Business Travel Accident Insurance

    401(k) Savings Plan with discretionary company match and access to a financial advisor

    Vacation, paid holidays, floating holiday and sick days

    Employee discounts

    Free weekly catered lunch

    Dog-friendly office (available at select locations)

    Free gym access (available at select locations)

    Free swag giveaways

    Annual Holiday Party

    Invitations to pop-ups and other company events

    Complimentary daily office snacks and beverages

    SHEIN Technology LLC is an equal opportunity employer committed to a diverse workplace environment.