Hiring.Camp

GRC Risk Analyst III

SHEIN

·

1 week ago

Location
Los Angeles · Los Angeles, California, United States
Type
Full-time
Department
Security
Experience
5+ years
Source
Greenhouse

Description

About SHEIN 

SHEIN Technology is a U.S. technology company. Founded in 2012, SHEIN is a leading global online retailer with operations in Guangzhou, Los Angeles and Singapore, along with other key markets. SHEIN reaches consumers across more than 150 countries and regions around the world. We place a premium on choice, delivering more than 6,000 new fashion, beauty and lifestyle products daily with more than 600,000 items available. Our mission is to help people express their individuality through the latest trends that are accessible and affordable.

To learn more about SHEIN, follow us at shein.com, instagram.com/sheinofficial and youtube.com/shein. 

Position Summary 

SHEIN Global Security & Risk Management is a global security organization that oversees security infrastructure, risk management, data privacy, governance and regulatory compliance across SHEIN’s global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.

Here, innovation isn’t simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.

The GRC Risk Analyst, a thought leader residing within our security organization, is responsible for implementing and maintaining the risk management framework and program. This position will be part of a team of governance, risk, and compliance experts and work with technology and legal partners and business units to meet our global risk management needs.

The ideal candidate should have extensive experience in conducting security risk assessments, a deep understanding of general security technologies and best practices, and practical knowledge of global data privacy laws and regulations. This role must collaborate effectively with development, engineering and operations counterparts as well as internal and external partners to identify, articulate, prioritize, manage, and monitor security risks to protect SHEIN data, services, and information assets.

 Job Responsibilities 

  •  Conduct security risk assessments of business units, critical projects, processes, vendors and information assets to address threats, changes to systems and/or applications, process improvement initiatives, and other related business needs.
  • Document, track, monitor, and report risk assessment and risk management activities to bring appropriate visibility to stakeholders and leadership.
  • Collaboratively work with colleagues globally to develop, implement, and mature security compliance and control frameworks and risk methodologies.
  • Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements.
  • Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the risk management strategy, framework, and program.

 Job Requirements 

  • A minimum of 5 years of experience in security risk management, including business impact analysis, risk assessment and treatment, risk metrics and trend analysis.
  • Possess a bachelor’s degree or higher in the field of information security, engineering, computer science or equivalent advance technology field of study.
  • Relevant certifications, such as CISSP, CIPP, CISM, CISA, ISO 27001 Lead Auditor are highly desired • Strong knowledge of security and privacy standards, regulations and guidelines such as ISO 27k, NIST, CCM, PCI DSS, GDPR, CCPA.
  • Experience developing and deploying risk management frameworks and programs, preferably with international experience in an e-commerce or technology related industry.
  • Practical knowledge and experience working with threat modeling frameworks such as STRIDE, MITRE ATT&CK, OCTAVE desirable.
  • Strong analytical and problem-solving skills.
  • Strong written and verbal communication skills, with the ability to translate complex and technical issues to all levels of personnel.
  • Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly.
  • High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity.

Benefits and Perks 

  • Bonus eligible
  • Healthcare (medical, dental, vision, prescription drugs) 
  • Health Savings Account with Employer Funding 
  • Flexible Spending Accounts (Healthcare and Dependent care) 
  • Company-Paid Basic Life/AD&D insurance 
  • Company-Paid Short-Term and Long-Term Disability 
  • Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident) 
  • Employee Assistance Program 
  • Business Travel Accident Insurance 
  • 401(k) Savings Plan with discretionary company match and access to a financial advisor  
  • Vacation, paid holidays, floating holiday and sick days   
  • Employee discounts 
  • Free weekly catered lunch 
  • Dog-friendly office (available at select locations) 
  • Free gym access (available at select locations) 
  • Free swag giveaways 
  • Annual Holiday Party 
  • Invitations to pop-ups and other company events 
  • Complimentary daily office snacks and beverages

SHEIN Technology is an equal opportunity employer committed to a diverse workplace environment.

#LI-ED1

Pay Range
$90,000$105,000 USD

Skills

Risk ManagementComplianceGDPRISO 27001CISSP

Similar Jobs

30

Technology Compliance & Risk Analyst (GRC)

Patrianna · Bulgaria +5 · Remote

1 week ago

Senior GRC Risk Analyst

MISO Default · Carmel, IN +1

1 month ago

Governance, Risk & Compliance (GRC) Analyst

Quilter · Southampton - Quilter House, United Kingdom · Hybrid, Onsite

6 days ago

GRC - Application Risk Analyst

Aristocrat · Poland - Krakow · Hybrid

2 weeks ago

Governance, Risk & Compliance (GRC) Analyst

Delta Dental of Missouri · Saint Louis, MO

2 weeks ago

Security Governance, Risk & Compliance (GRC) Analyst

Delivery Hero · Kuala Lumpur, Federal Territory of Kuala Lumpur, Malaysia · Hybrid

3 weeks ago

Governance, Risk, & Compliance (GRC) Analyst (Senior or Lead)

Boeing · USA - Seattle, WA, United States of America +13 · Hybrid

1 month ago

Governance, Risk, & Compliance (GRC) Analyst (Senior or Lead)

Boeing · USA - Seattle, WA, United States of America +13 · Hybrid

1 month ago

IT Governance Risk & Compliance (GRC) Analyst

Trustmark · Ridgeland, MS, US +1 · Remote

1 month ago

Senior Governance, Risk, Compliance (GRC) Analyst

Headway · New York, New York, United States; San Francisco, California, United States; Seattle, Washington, United States · Remote

2 months ago

GRC Analyst, Operations & Risk

Whoop · Boston, MA · Onsite

2 months ago

GRC Analyst (Governance, Risk & Compliance)

DTEX Systems · Remote

3 months ago

GRC Risk & Security Analyst

DailyPay · Belfast · Hybrid

4 months ago

Devoteam Cyber Trust| GRC Consultant (Risk Analyst) | FinTech Sector

Devoteam · Lisboa, Portugal · Hybrid

5 months ago

IT Governance, Risk & Compliance (GRC) Analyst, Luxembourg

Stripe · Onsite

5 months ago

IT GRC Risk and Automation Analyst

Logitech · Chennai, India +1 · Hybrid

1 week ago

GRC Analyst - Third Party Risk

Whoop · Boston, MA · Onsite

1 week ago

Governance Risk and Compliance (GRC) Analyst

Assured Data Protection · Leeds, West Yorkshire · Remote, Hybrid

2 weeks ago

Sr. Analyst, Governance, Risk & Compliance (GRC), Information Security

Mdlz · Remote Worker - Greece · Remote

3 weeks ago

Security Governance, Risk & Compliance (GRC) Junior Analyst

Delivery Hero · Singapore, Singapore · Hybrid

2 months ago

Governance, Risk, and Compliance (GRC) Analyst

Santander · Lisboa-Rua da Mesquita, Portugal

2 months ago

Governance, Risk, and Compliance (GRC) Analyst

Santander Effect Our work touches · Lisboa-Rua da Mesquita, Portugal

2 months ago

Sr. Analyst, Governance, Risk & Compliance (GRC), Information Security

Mdlz · Remote Worker - Greece · Remote

3 months ago

Governance, Risk, and Compliance (GRC) Analyst

Strider Technologies · South Jordan, UT +1 · Hybrid

3 months ago

Senior Analyst - IT GRC (Governance, Risk & Compliance)

English Stonex · Bangalore, IN

1+ year ago

Information Security Analyst 5, Governance, Risk & Compliance (GRC)

SanDisk · Batu Kawan, Penang, Malaysia

2 weeks ago

Senior Analyst, Cyber Risk Quantification and GRC

Forrester · Cambridge, MA, United States of America +8 · Remote

1 month ago

Cyber Security Analyst - Governance, Risk and Culture (GRC)

Baringa · London, United Kingdom; Remote, United Kingdom · Remote

1 month ago

GRC e-Discovery and Risk Analyst

DPR Construction · Ft Lauderdale, FL, United States of America +5

3 months ago

GRC e-Discovery and Risk Analyst

Mydpr · Ft Lauderdale, FL, United States of America +5

3 months ago