Back to all jobs
About the role
<p><strong><span data-contrast="auto">About SHEIN</span></strong><span data-ccp-props="{"201341983":0,"335559739":0,"335559740":240}"> </span></p>
<p>SHEIN Technology is a U.S. technology company. Founded in 2012, SHEIN is a leading global online retailer with operations in Guangzhou, Los Angeles and Singapore, along with other key markets. SHEIN reaches consumers across more than 150 countries and regions around the world. We place a premium on choice, delivering more than 6,000 new fashion, beauty and lifestyle products daily with more than 600,000 items available. Our mission is to help people express their individuality through the latest trends that are accessible and affordable.</p>
<p>To learn more about SHEIN, follow us at shein.com, instagram.com/sheinofficial and youtube.com/shein. </p>
<p><strong><span data-contrast="auto">Position Summary</span></strong><span data-ccp-props="{"201341983":0,"335559739":0,"335559740":240}"> </span></p>
<p>SHEIN Global Security & Risk Management is a global security organization that oversees security infrastructure, risk management, data privacy, governance and regulatory compliance across SHEIN’s global footprint. It is composed of a team of security professionals, innovators and thought leaders that have had decades of global security experience, led large scale transformations, and served in Fortune 500 executive roles.</p>
<p>Here, innovation isn’t simply about protecting and defending our company. We develop solutions that are practical today and scalable tomorrow; and we create collaborative teams dedicated to innovation across each of our businesses to share our common values and vision.</p>
<p>The GRC Risk Manager, a thought leader residing within our security organization, is responsible for implementing and maintaining the risk management framework and program. This position will be part of a team of governance, risk, and compliance experts and work with technology and legal partners and business units to meet our global risk management needs.</p>
<p>The ideal candidate should have extensive experience in developing, deploying, and maturing risk management frameworks and programs, a deep understanding of general security technologies and best practices, and knowledge of global data privacy laws and regulations. This role must collaborate effectively with development, engineering and operations counterparts as well as internal and external partners to identify, articulate, prioritize, manage, and monitor security risks to protect SHEIN data, services, and information assets. </p>
<p><span data-ccp-props="{"201341983":0,"335559739":0,"335559740":240}"> </span><strong><span data-contrast="auto">Job Responsibilities</span></strong><span data-ccp-props="{"134233117":true,"134233118":true,"201341983":0,"335559740":240}"> </span></p>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Develop, implement, mature, and champion risk management processes and concepts. </li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Deploy the risk management framework, processes, and tools to conduct risk assessments effectively and consistently.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Manage the risk register and define and report key risk metrics to management on a regular basis.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Conduct risk assessments of business units, critical processes and information assets.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Conduct third-party risk assessments and security reviews of third-party agreements.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Work closely with technology and legal partners and business units to ensure appropriate security and data protection requirements are incorporated into third-party engagements.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Prepare risk assessment reports to inform risk treatment decisions.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Track and monitor remediation and risk management activities.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Maintain a current and comprehensive understanding of relevant industry standards to incorporate into the risk management strategy, framework, and program.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="1" data-aria-level="1">Support integration and maturation of policy, compliance, and risk frameworks.</li>
</ul>
<p><span data-ccp-props="{"134233117":true,"134233118":true,"201341983":0,"335559740":240}"> </span><strong><span data-contrast="auto">Job Requirements</span></strong><span data-ccp-props="{"134233117":true,"134233118":true,"201341983":0,"335559740":240}"> </span></p>
<ul>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">A minimum of 7 years of experience in information security risk management, including business impact analysis, risk assessment and treatment, risk metrics and trend analysis.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Possess a bachelor’s degree or higher in the field of information security, engineering, computer science or equivalent advance technology field of study.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Relevant security certifications, such as CISSP, CISM, CISA, ISO 27001 Lead Auditor are highly desired.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Strong knowledge of security and data privacy standards and regulations such as ISO 27k, NIST, CIS, GDPR, CCPA, PCI DSS.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Team management experience, including setting and aligning team and individual goals, providing clear and timely feedback, and fostering collaboration.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Experience developing and deploying risk management frameworks and programs, preferably with international experience in an e-commerce or technology related industry.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Experience with deploying GRC tools is desirable.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Practical knowledge and experience working with threat modeling frameworks such as STRIDE, MITRE ATT&CK, OCTAVE is desirable.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Strong analytical and problem-solving skills.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Strong written and verbal communication skills, with the ability to translate complex and technical issues to all levels of personnel.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">Detail oriented and highly organized, with the ability to thrive in a fast-paced environment and prioritize accordingly.</li>
<li data-leveltext="" data-font="Symbol" data-listid="5" data-list-defn-props="{"335552541":1,"335559685":720,"335559991":360,"469769226":"Symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridMultilevel"}" data-aria-posinset="4" data-aria-level="1">High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity.</li>
</ul>
<p><strong><span data-contrast="none">Benefits and Perks</span></strong><span data-ccp-props="{"201341983":0,"335557856":16777215,"335559740":257}"> </span></p>
<ul>
<li><span data-contrast="none">Bonus and RSU eligible</span></li>
<li><span data-contrast="none">Healthcare (medical, dental, vision, prescription drugs)</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Health Savings Account with Employer Funding</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Flexible Spending Accounts (Healthcare and Dependent care)</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Company-Paid Basic Life/AD&D insurance</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Company-Paid Short-Term and Long-Term Disability</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Voluntary Benefit Offerings (Voluntary Life/AD&D, Hospital Indemnity, Critical Illness, and Accident)</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Employee Assistance Program</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Business Travel Accident Insurance</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">401(k) Savings Plan with discretionary company match and access to a financial advisor </span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Vacation, paid holidays, floating holiday and sick days </span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Employee discounts</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Free weekly catered lunch</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Dog-friendly office (available at select locations)</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Free gym access (available at select locations)</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Free swag giveaways</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Annual Holiday Party</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Invitations to pop-ups and other company events</span><span data-ccp-props="{"335557856":16777215,"335559739":0}"> </span></li>
<li><span data-contrast="none">Complimentary daily office snacks and beverages</span></li>
</ul>
<p><span data-contrast="none">SHEIN Technology is an equal opportunity employer committed to a diverse workplace environment.</span></p>
<p><span data-ccp-props="{"335557856":16777215,"335559739":0}">#LI-ED1</span></p><div class="content-pay-transparency"><div class="pay-input"><div class="title">Pay Range</div><div class="pay-range"><span>$108,000</span><span class="divider">—</span><span>$180,000 USD</span></div></div></div>
Perks & benefits
- 401k
- Paid Time Off
- Pension Matching
- Equity Compensation
741,000+ hidden jobs like this
SHEIN and thousands of companies post here first — often days before LinkedIn or Indeed. Your first 5 applications are free; go Pro to apply without limits.
Everything Pro unlocks:
- Unlimited applications — free stops at 5
- Track every application in one place
- Apply straight to the source, one click
- Save & organize roles you love
- Roles pulled from company boards before the big sites
