×
News
The latest news
access_time
Tailored Brands announces deal to sell Joseph Abboud trademarks
access_time
Blame this epic Dior menswear show on Judy
access_time
Glenda Bailey steps down as editor-in-chief of Harper's Bazaar
access_time
Jean-Paul Gaultier announces that next couture show will be his last
access_time
Berluti, between haute sportswear and K-pop
access_time
Fashion king Kenzo on his exit from retirement for one final fling
access_time
Yohji Yamamoto stages a masterfully tailored rebellion
access_time
Gap announces collaboration with US brand Telfar
access_time
Dolce & Gabbana open softly in Paris with Napoleon and Josephine
access_time
French label Gerard Darel puts John Moyers in charge of US subsidiary
access_time
Botter charms Paris with highly successful maiden show
access_time
Net-A-Porter backs Netflix’s ‘Next in Fashion’ reality show
access_time
Pandora vows to improve customer experience within 3 years
access_time
Versace to open new stores in Paris and London
access_time
Kat Von D sells namesake beauty brand to Kendo, steps down
access_time
Amazon promises 1 million new jobs in India amid tensions with government
access_time
Burberry to take AW20 show to Shanghai, will add China exclusives
access_time
Richemont sales rise offsets Q3 Hong Kong weakness, but fashion ops dip
access_time
U.S. holiday sales rise 4.1% in 2019 on strong online sales: NRF
access_time
Nivea-maker Beiersdorf optimistic for 2020 despite slowdown
access_time
Elsa Hosk teams up again with Lancaster
access_time
U.S. Senate passes USMCA
Share
Text size
aA+ aA-
Print
Click here to print

Senior Analyst, Information Security Risk & Compliance

Country : USA

State : California

County : San Francisco County

Town : San Francisco

Category : Consulting - Audit

Contract type : Permanent

Availability : Full time

Company presentation

The RealReal is leading the way in authenticated luxury consignment, online and in real life at our brick and mortar locations. Founded in 2011, we’re growing fast and fundamentally changing the way people buy and sell luxury — a multi-billion dollar industry. With a team of in-house experts who inspect every item we sell, our commitment to authenticity sets us apart and creates a foundation of trust with shoppers and consignors. Our mission to extend the life cycle of luxury items is leading innovation in sustainable fashion. We’re proud to promote the circular economy and to be the first luxury member of the Ellen MacArthur Foundation’s prestigious CE100 USA.

Employees at The RealReal are dedicated, collaborative and innovative, and we’re looking for exceptional talent to join our team. Build your career with us and enjoy 401K matching, health, dental and vision insurance, commuter flex spending, healthcare flex spending, generous PTO, a mother’s room, and flexible work hours!

Job description

Security's mission is to build and protect stakeholder trust - customers, employees, investors - in our business, especially where technology is involved. Security at TRR has a unique value in reinforcing trust in the stewardship that is core to the business. We do this by guiding right organizational security risk decisions and partnering with technology and business teams. We bring integrity, knowledge, and a passion for technology.

We are looking for a Senior Analyst to help drive risk and compliance initiatives impacting TRR's security posture. Come join us in building better security for a company that lives its values of ecology, economy, and quality.
- Perform information security, IT regulatory, and privacy risk assessments on cloud and internal technology environments/systems in the organization
- Conduct security risk assessments on third parties and assist in reviewing contract agreements to ensure necessary security controls are in place
- Coordinate with the external auditors and regulators for testing the organization's internal IT controls pertaining to SOX
- Manage on-going compliance of the organization's GDPR and CCPA programs
- Manage and drive risk remediation activities with internal customers within the organization as well as third parties
- Understand and document cloud and internal technology environments, data flows and associated security controls
- Drive the design and implementation of ServiceNow GRC, working with internal and external stakeholders
- Document internal security policies, standards, and procedures for the organization as needed
- Support the security and privacy training and awareness program in the organization
- Contribute to GRC programs such as Sarbanes Oxley (SOX) IT General Controls, PCI DSS, GDPR, CCPA, compliance with the NIST Cybersecurity Framework (NIST CSF) as needed
- Build and cultivate positive working relationships with internal customers (outside of InfoSec)
- Develop and maintain IT Risk Management metrics and reports

Profile

- 5 years experience leading security, risk and compliance projects
- Experience performing third party vendor risk assessments and reviewing contracts
- Strong knowledge of security risk management frameworks including related regulatory compliance requirements (NIST CSF & 800-53, ISO27001, SOX, PCI DSS, GDPR, CCPA etc.)
- Ability to work effectively while prioritizing and juggling competing priorities in a fast-paced work environment
- Ability to communicate effectively with management both technical and non-technical and establish personal credibility

NICE TO HAVE
- 4+ years working in the field of compliance or security
- Prior work experience in a SaaS/Cloud company security and compliance group or security & risk practice of a Big 4 firm
- Experience designing and implementing a GRC tool (Service Now)
- Direct and recent work experience with at least two of the following compliance program: ISO 27001, ISO 9001, PCI, SSAE16, SOC2, SOX, HIPAA, GDPR
- Relevant professional certifications such as CISSP, CISA, CISM, CIPP, GIAC, PMP

#LI-KARA.STEINMEYER
Share
Print
Click here to print

Similar Offers

Information Security Compliance Senior Manager

GAP INC
access_time | place San francisco

Information Security Compliance Analyst

GAP INC
access_time | place San francisco

Compliance Program Manager

GAP INC
access_time | place San francisco

Information Security Compliance Manager

GAP INC
access_time | place San francisco

Fashion Jobs

Senior Import And Audit Compliance Specialist

TJX COMPANIES INC.
access_time | how_to_reg Permanent | place Marlborough

Coordinator, Legal Compliance

ROSS STORES
access_time | how_to_reg Permanent | place New york

Manager - Corporate Compliance

FOSSIL
access_time | how_to_reg Permanent | place Pittsburg

Manager - Corporate Compliance

FOSSIL
access_time | how_to_reg Permanent | place Pittsburg

Customs Compliance Coordinator

GIII APPAREL GROUP
access_time | how_to_reg Permanent | place New york

Compliance Associate, sr

NORDSTROM CARD SERVICES INC
access_time | how_to_reg Permanent | place Centennial

Compliance Program Manager

GAP INC
access_time | how_to_reg Permanent | place San francisco

Information Security Compliance Manager

GAP INC
access_time | how_to_reg Permanent | place San francisco

Information Security Compliance Analyst

GAP INC
access_time | how_to_reg Permanent | place San francisco

Director, us Special Projects Trade Compliance

ESTÉE LAUDER COMPANIES
access_time | how_to_reg Permanent | place Melville