Information Security Assurance Lead

Job Title: Information Security Assurance Lead
Reports to: Head of Governance, Risk & Compliance
Location: Los Angeles, CA based - Remote CA
Job Class: Exempt
About SHEIN Technology
SHEIN Technology is a U.S. technology company that supports SHEIN Distribution Corporation, responsible for distributing SHEIN's products in the U.S. Founded in 2012, SHEIN is a global fashion and lifestyle e-retailer committed to making the beauty of fashion accessible to all. We use on-demand manufacturing technology to connect suppliers to our agile supply chain, reducing inventory waste and enabling us to deliver a variety of affordable products to customers around the world. From our global offices, we reach customers in more than 150 countries. To learn more about SHEIN, visit SHEIN.com.
Here, innovation isn't simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.
Position Summary:
SHEIN Global Security & Risk Management is a global security organization that oversees security infrastructure, risk management, data privacy, governance and regulatory compliance across SHEIN's global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.
Here, innovation isn't simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.
The Information Security Assurance Lead, a thought leader residing within our security organization, is responsible for implementing and maintaining the compliance management framework and program. This position will be part of a team of governance, risk, and compliance experts and work with technology and legal partners and business units to meet our global security compliance needs.
The ideal candidate should have extensive experience in developing, deploying, and maturing compliance management frameworks and programs, a deep understanding of general security technologies and best practices, and knowledge of global data privacy laws and regulations. This role must collaborate effectively with development, engineering and operations counterparts as well as internal and external partners to assess, report, and maintain compliance against applicable security industry standards and regulatory requirements.
Core Responsibilities:

• Maintain security compliance program to provide assurance against applicable industry standards and regulatory requirements.
• Deploy the compliance management framework, processes, and tools to conduct compliance assessments and audits effectively and consistently.
• Develop compliance assessment plans and roadmaps.
• Conduct compliance assessments and audits against internal policies and standards.
• Prepare compliance assessment reports to inform management.
• Track and monitor remediation activities.
• Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the compliance management strategy, framework, and program.
• Support integration and maturation of policy, compliance, and risk frameworks.

Skills and Qualifications:

• A minimum of 7 years of experience in information security compliance and assurance, including compliance assessment, audit, controls monitoring, and compliance metrics
• Possess a bachelor's degree or higher in the field of information security, engineering, computer science or equivalent advance technology field of study
• Relevant security certifications, such as CISSP, CISM, CISA, ISO 27001 Lead Auditor are highly desired
• Strong knowledge of security and data privacy standards, regulations and guidelines such as ISO 27k, SOC 2, PCI DSS, NIST, CIS, GDPR, CCPA
• Experience developing and deploying compliance management frameworks and programs, preferably with international experience in an e-commerce or technology related industry
• Experience working with UCF is desirable
• Experience with deploying GRC tools is desirable
• Strong analytical and problem-solving skills
• Strong written and verbal communication skills, with the ability to translate complex and technical issues to all levels of personnel
• Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly
• High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity

SHEIN Technology is an equal opportunity employer committed to a diverse workplace environment.
Pay: $97,300.00 min - $155,600.00 max. annually